It Really Can Be That Easy – Single Pane of Glass

As I mentioned in my previous blog post, I used to run a small encryption team at a large organization before I came to work for WinMagic. One of the key responsibilities we had was to generate FISMA (Federal Information Security Management Act) compliance reports for NIST SP 800-53, AC-3 and SC-13 controls. What does that mean? Essentially, these are reports that ensure key security standard requirements are met within the organization for Government regulatory purposes.

When we had to go through this exercise, we had to begin two weeks prior to our reporting deadline. The reason we had to start so early was due to the fact we had five different teams, managing five different pieces of software, and had to compile all the data from these disparate systems. To ensure the compliance report was accurate took time because of the way all these independent systems were managed.

This how it typically worked:

  1. Start with Asset Management. This team pulled their information into our custom-made Access Database to get all of the baseline data of the devices that were on record.
  2. Move to Active Directory.  This team would pull a list of devices that were registered and pull them into the same custom database.
  3. On to Mac Encryption. This team would provide the data on the encryption status of all Mac OS X devices and add this to the database.
  4. Deployment. After working with the three previous teams, we’d go to the Deployment Team to identify systems that were scheduled to get the Windows deployment package and then, yes, you guessed it, import that information into the database.
  5. From there, I’d go to my team and export all the information we had access to and import that into this master database.

For those keeping score, that’s a lot of information on a lot of systems coming from a lot of groups. It wasn’t the least bit efficient and very challenging and time-consuming and the best part? We weren’t done yet!

Once we had all the different data sources consolidated from the five different management teams and their corresponding consoles, we had to write a VBA code that would compare and compile all the information for FISMA.

The funny thing is, this still happens today. Organizations have different systems to manage different devices. It’s a largely inefficient way to manage this kind of information and really creates unnecessary cycles for administrators.

It’s one of the key reasons we’ve tried to close that disparate system gap with SecureDoc 6.1. While we’re not a pure-play MDM provider, we’ve now incorporated the management of mobile devices other than laptops into our management console. This means that administrators can use the main SecureDoc web console to run reports like this. With SES Web, we can identify: laptops, desktops, iPhones, iPads, Android phones and Android tablets, windows and Mac devices… it doesn’t matter; we can see the encryption status of all of them through one console.

Something that used to take me two weeks to get done can now be done in hours. This type of time and cost savings is invaluable to customers and to the sanity of IT administrators everywhere.

Click here for more information on how SES Web can help you!

Previous Post
Plotting world domination
Next Post
Why Apple Matters in The Enterprise

Related Posts

Talkin’ to Government

Today marks our first day at FOSE – the annual conference for government technology professionals. In today’s increasingly security-sensitive environment, this conference should provide some good insights as to what’s on the mind of folks working in government and how…
Read more

Hidden Benefits of Encryption for Legal Services

Lately we have noticed a growing interest for encryption and data security in the legal services industry. Legal services face a similar challenge as other verticals with the need to protect corporate assets being shared through multiple devices and portals.…
Read more

AES-NI Validation

WinMagic has a long and successful history of data encryption – pretty sure I’ve said this before. One of the key things we work to ensure is compliance and certification with things such as the Cryptographic Module Validation Program (CMVP)…
Read more

SecureDoc Updates Are Here!

Back at RSA in February we started talking about updates and enhancements that would be coming to SecureDoc in the spring. And spring has sprung, with it, so has the latest version of SecureDoc! (more…)
Read more

Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.