6 Steps for Ensuring Continuous Compliance in a Complex, Hybrid IT Environment

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
Next Next

Change Requests

Create a well-defined process for change requests.

Many companies are adopting methodologies like DevOps, where changes to applications are pushed out very rapidly. It's often the case where application updates require modifications to the network configuration, and these changes happen quickly to keep pace with business. When the network is "clean" (i.e., fully compliant with policy), that's the right time to assess the change requests and control processes, as well as the impact they will have. This is also the time to recertify that the network is maintaining its state of continuous compliance. The recertification process includes evaluating change requests against the security policy to make sure the requested configuration change doesn't cause a policy violation. Your change control process should include workflow documentation of precisely what changes are made, for what business purpose, and at whose request (also known as "full accountability"). The documentation needs to include sufficient comments so that compliance auditors can know what happened and why. This documentation is critically important if problems arise – or worse, in the event of a cyber attack --and the origins of changes need to be traced.

CISOs and their network security teams are under increasing pressure to adhere to an expanding "alphabet soup" of regulatory requirements that have a direct impact on the enterprise network. On top of that, every business has its own internal policies and best practice workflows to follow. One way to reduce the compliance enforcement and audit-readiness burden is to work toward the goal of continuous compliance — attaining a state where all compliance requirements are met, and then continuously maintaining that state.

Even with the many challenges of managing today's complex IT environment, it's possible to achieve continuous compliance through proper organization, thorough processes and technology automation. In this slideshow, Ellen Fischl Bodner, Tufin, has identified six steps that are critical to ensuring continuous compliance.


Related Topics : A Big Market for Big Data Jobs, Midmarket CIO, IT Management Automation, SharePoint, Technology Markets

More Slideshows

infra97-290x195 7 Tips to Improve Data Backup and Ensure Business Continuity

With today's modern solutions, enterprises should be able to transform backup and recovery from a low-level legacy IT function to a modern function delivering continuity and value to the entire business. ...  More >>

NETSCOUTShadowIT0x 6 Tips for Combating Shadow IT Once and for All

To mitigate the risks of shadow IT, organizations must demonstrate the necessary agility and high quality of complex service assurance that users are looking for. ...  More >>

IT_Man85-290x195 Business in the Front, Balance All Around: Working with Gen Z

In order to attract Gen Z talent, employers will need to take into account that this group of the workforce may expect a different set of benefits. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.