What is continuous monitoring? By definition, continuous monitoring (CM) is the process and technology used to detect compliance and risk issues associated with an organization’s financial and operational environment. The financial and operational environment consists of people, processes, and systems working together to support efficient and effective operations.
But like most terms in the cyber realm these days, such as cloud and big data, CM means different things to different people.
The process reads easy: just put some controls in place and you are off to the races, mitigating the risks to your enterprise and operation. On the surface this seems like a logical thing to do, but oftentimes the opposite happens and you actually introduce additional risk to your environment. This is where it pays to do some legwork before deciding which type, kind, or level of CM solution will best balance security and operations for your specific organization. CM is far from a one-size-fits-all commercial, off-the-shelf solution.
To dive into the technical details of how CM works: when a computer, or anything with an IP address (the whole Internet of Things you hear about), enters your network, it asks to be authenticated (like a knock on a door: can I come in?). If that device has a vulnerability or poses a risk, it is not allowed to join the network (no open door). That includes something like running Windows 7 when you have established a business rule that Windows 10 is required. Until the user corrects the issue, or an automatic method corrects it for them, the device is not allowed entry.
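The admission decision described above, sketched as an added example (not from the original post and not any vendor's API). The rule table, finding names, the fail-closed handling of unknown platforms, and the sample devices are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed business rules (assumptions): minimum OS major version per
# platform, and which findings an automatic method is able to correct.
MIN_OS = {"windows": 10}
AUTO_REMEDIABLE = {"os_outdated": False, "open_vulnerability": True}

@dataclass
class Device:
    ip: str
    platform: str
    os_major: int
    open_vulns: list = field(default_factory=list)  # scanner finding IDs

def posture_findings(dev):
    """Return the policy violations for a device asking to join the network."""
    findings = []
    minimum = MIN_OS.get(dev.platform)
    if minimum is None:
        findings.append("unknown_platform")  # assumption: fail closed
    elif dev.os_major < minimum:
        findings.append("os_outdated")
    if dev.open_vulns:
        findings.append("open_vulnerability")
    return findings

def admit(dev):
    """Decide 'allow', 'remediate' (held out while auto-fixed) or 'deny'."""
    findings = posture_findings(dev)
    if not findings:
        return "allow", findings
    if all(AUTO_REMEDIABLE.get(f, False) for f in findings):
        return "remediate", findings
    return "deny", findings

if __name__ == "__main__":
    # Constructed sample devices (documentation address range).
    fleet = [
        Device("192.0.2.10", "windows", 10),
        Device("192.0.2.11", "windows", 7),
        Device("192.0.2.12", "windows", 10, ["FINDING-1"]),
        Device("192.0.2.13", "ip-camera", 1),
    ]
    for dev in fleet:
        print(dev.ip, *admit(dev))
```

A device that is denied stays out until its posture changes; calling `admit` again after the user upgrades the operating system returns `allow`.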
Large enterprises have difficulty tracking each new entry onto their network. It can be a tedious and time-consuming task. But if you utilize the right technologies, you can create a checks-and-balances system to mitigate your security exposure to these threats. As an example, ForeScout’s CounterACT® technology is what we often recommend for government or financial clients.
But even with the right product in place, agencies need to know what they don’t know about their network in order to make it truly effective. The first line of defense is not to cause an outage yourself. New technologies require expert knowledge about the tool, and it is just as imperative to ask the right questions about how to operationalize the new product or tool.
Our team at Three Wire Systems understands the tool and the operational needs of our DoD customer’s mission sets. Our expert engineers can translate tool needs into mission needs to mitigate self-imposed outages, operational risk, and downtime. Business process is a very important piece of the CM solution, and all enterprise operators play a critical role in the planning, installation, and execution phases of rolling out a solid and successful CM solution.
To get your CM capability in place, we start by asking our clients the relevant operational questions and ensuring they have a solid core (what allows the entry in the first place), Helpdesk training, and enterprise team conversations. When the team is synced up, we work to get the solution installed and operational. This may be DevOps, but you will want to read about that in our next blog.