An organizations’ most valuable asset is its data and the users that have access to it. For IT and security departments it’s imperative to ensure company data is secure, available and compliant. In order to do this, IT must keep track of critical IT data including system configurations, who has access to what information, and what they’ve done with that access. Historically, analyzing user activity on critical network resources has been a challenging task - one that involves processing vast amounts of data scattered across disparate systems, devices and applications, making it difficult to search, manage and maintain security and compliance across the organization. Huge volumes of logs, expensive storage hardware, lack of in-house expertise on events, event log diversity and mediocre native tools for event analysis further complicate this task.
This week Dell announced the availability of InTrust 11.0 and it delivers answers to an organizations’ most challenging tasks for investing security incidents. It allows the IT administrators and security teams to securely collect, store, search and analyze data from numerous data sources and devices in one place with real-time insight of user activity for security, compliance and operational visibility. Customers don't need to worry about the space needed to store events as InTrust has an indexed online repository that can store up to 10TB of data with a compression ratio of 20:1.
IT Search, the newest feature of InTrust, provides an interactive web-based UI into your analytics and collection tools. Experts, non-experts and anyone in between can easily use the same interface in a matter of minutes. Through this single web interface, IT administrators and security teams for the first time can quickly find answers to key compliance and security questions such as:
- Where does the user have access?
- What files and folders across servers can the user access?
- What level of access do they have to files and folders?
- How was this access used or if the user has ever used this access?
- How was this access obtained in the first place?
- What was the sequence of permissions changes that led to this level of access?
With Dell InTrust, IT and security teams can thwart hidden security threats and quickly discover suspicious event trends and anomalies in real-time through dynamic breadcrumb investigations into users, groups, files, and events that might otherwise be overlooked and result in possible data breaches. Using this solution to search user entitlements, configuration data, and patterns across critical systems on multiple platforms reduces the complexity of searching, analyzing and maintaining important IT data scattered across information silos. Having instant access to all this data in one place drastically simplifies audits, review of security incidents and any malicious activity in less time and with more confidence.
Full benefits include:
- Operational visibility – Eliminates information security silos and simplifies analysis of events with an interactive search and store engine
- Improved security investigations – Speeds security investigations and audits with instant insight into relationships between data and users
- Proactive detection of internal threats – Improves internal security by detecting suspicious patterns and event trends with real-time alerts
- Support for compliance regulations – Addresses regulatory compliance for PCI, HIPAA, SOX, FISMA and more by compressing, storing and indexing critical event log data for audits
- Reduced storage costs –Compresses terabytes of data down to gigabytes using a unique file-based repository with a 20:1 compression ratio and powerful full text search index, saving on storage costs and time spent searching for events across the enterprise network
- Integration with Dell SecureWorks and IAM security solutions – Feeds high quality user auditing data to SecureWorks managed security services, as well as other SIEM solutions to speed up security incidents detection and prevention, eliminating white noise overhead. Complements identity and access management for privileged account auditing to build a full picture of shared and superuser account activities, and raise individual accountability
For more information, visit https://www.quest.com/products/intrust/