Once upon time, the concept of coming into compliance with a particular regulation was once thought of as a onetime event that should be celebrated.
Now it's becoming clear to just about everybody that compliance isn't an event at all, but rather a continuing process that has to be maintained at a consistently high level. As companies increasingly come to that realization, many of them are looking for a more comprehensive approach to addressing the compliance challenge.
To try to help companies makes this shift, Tripwire today released version 8.1 of the enterprise edition of its namesake platform for managing compliance. The latest version adds two new modules, VIA Asset View and the VIA Configuration Data Mart, that allow IT organizations to more easily identify what systems are in compliance with what specific controls at any given moment.
According to Michael Thelander, product marketing director for Tripwire, attaining that visibility is the first step towards continuous compliance. To achieve that goal, Thelander says customers need a framework for managing compliance that allows them to immediately see where issues are, and then analyze the risks attached to those issues. That essentially means creating a framework and associated set of processes that make compliance a continuous process, which at the same time should also serve to lower the total cost of compliance while also boosting security.
On the one hand, many people naturally think of compliance as a manifestation of heavy-handed government regulations. But on the other hand, those compliance regulations provide incentives for companies to run their businesses properly. In fact, Thelander says he's now seeing instances where employee bonuses are tied to the level of compliance the business attains.
It's hard to say exactly where the concept of continuous compliance will take both the business and IT departments that support that process. But the one thing that is for certain is that the two are about to get more intricately linked than ever.