Lepide Blog: A Guide to IT Security, Compliance and IT Operations

The state of IT auditing today

audit

Is auditing important?

With the rising number of security threats, and increasing regularity and strictness of compliance mandates, auditing your IT environment is more important than it has ever been. Effective auditing will help you to fix IT problems faster and give you a better understanding of what’s happening in your IT environment. Modern organizations must have a mature approach to auditing to ensure adequate systems management, security and compliance.

How good are organizations at auditing their IT environment?

Whilst many organizations recognize that they ought to improve their auditing, the reality is that most take a fire fighting approach. It’s usually in the wake of an incident that they realize they don’t actually have a good grip on what’s happening in their IT environment. The danger with this reactive method of auditing is that some incidents can be extremely costly. Most organizations have not deployed appropriate mechanisms to pro-actively audit their most important systems and protect themselves against such cases.

Why?

One of the main challenges cited by IT professionals is finding the right people with the right combination of knowledge and skill to effectively audit their IT environment. Native auditing can be extremely complex and requires an in-depth understanding of the systems to be successful.

Whilst there are numerous vendors providing solutions for auditing and monitoring system changes, the default price point is often geared towards larger enterprises – organizations that generally have bigger budgets to play with.

One alternative is to deploy a SIEM solution – an incredibly sophisticated piece of software that provides granular reporting. Whilst SIEM solutions sound like the perfect approach, the reality is that most deployments fail and many companies don’t know the appropriate actions to take with the reports that produces. SIEM solutions are also generally catered towards larger organizations – leaving very little on offer for SMEs.

What other options are there?

If you are an organization that doesn’t have sensitive data in your servers, has a very small number of employees and compliance isn’t on your radar, then native auditing is probably an adequate option. However, for other organizations there are a number of third party auditing solutions on the market that give complete visibility across the most critical systems. They offer a range of pre-set reports for IT security, systems management and compliance audit challenges. You might be surprised at how cost-effective some of them can be – it can be easily justified when you take into account how simple to use and quick to deploy some of them are. When such solutions exist on today’s market organizations can no longer afford to remain reactive where IT auditing is concerned.