Evaluating Effectiveness

With multiple security tools in place, how do you determine what’s working and what isn’t? How do you justify the expenditure by showing that every tool in your arsenal is doing its job?

Of course, there’s one very good indicator of whether your security systems are working: whether your systems get broken into or not. The question is “was I impacted when my peers and colleagues were?” says Branston.

Monitoring the alerts the various tools generate is a good way to see how many problems they’re preventing, Zasada says, and log files are invaluable for this purpose.

Casale says security management consoles like Intellitactics’ can also help, thanks to reports that help the security manager see what each security tool in his or her arsenal is picking up. “If you’re trying to look at the effectiveness of your antivirus, you can run reports on all the anomalies generated by your antivirus. You can run reports on all the alerts generated by your IDS system.”

Such reports can also indicate when security controls need to be tightened or relaxed, Casale says, and help the security administrator see how long incidents take on average to be resolved.

If a tools isn’t performing, it may need some adjustments. Few security tools do everything a given enterprise wants straight out of the box, Wolynski points out – they need configuration and ongoing fine-tuning, not to mention proper user training to take full advantage of their capabilities.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Grant Buckler
Grant Buckler
Freelance journalist specializing in information technology, telecommunications, energy & clean tech. Theatre-lover & trainee hobby farmer.
Previous article
Next article

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs