Let NNT take the strain out of your security and compliance management needs
An out-tasked or fully cloud-provisioned service providing Managed Device Vulnerability Management, File Integrity Monitoring, with Change and Configuration Management.
How does it work?
Using a combination of NNT’s Change Tracker Enterprise deployed into the customer environment, coupled with a flexible weekly monitoring service provided by trained security experts, NNT is able to deliver a unique and affordable solution.
NNT Change Tracker Enterprise starts with a complete audit of all devices to ensure they are set to a ‘secured & compliant’ state utilizing officially governed standards such as CIS, PCI DSS, SOX & HIPPA. Once we have rendered systems compliant, NNT Change Tracker monitors all changes to the otherwise secure state. These changes are fully profiled with planned versus unplanned alerts combined with information such as who made the change, when, what and whether it has affected the compliant posture.
This is then fully backed up by a thorough weekly analysis by real and qualified support staff. This process is used to refine and improve the intelligence of the system to reduce ‘false positives’ which over time sharpens the automatic capabilities within the solution to better identify exceptional and unusual events that could be the giveaway signs of a security threat.
What sets NNT's security compliance monitoring service apart?
Easy to scale across any organization, NNT’s Security and Compliance Monitoring Service is avaialble as both a pure, hosted cloud solution with no need for any hardware on-site, or an outtasked service where NNT provide expert security consultancy resource to support your NNT-based security solution.
In addition to providing dependable analysis of all security events as outlined, NNT will routinely review and re-calibrate the monitoring system to ensure it remains optimized and current.
Where required, NNT can also offer insight and assistance with the integration of Change Tracker and any prevailing Change Management systems.
Not only does this service reduce the amount of information that you might otherwise need to spend time analyzing, it will also give you the reassurance and peace of mind that IT systems are being constantly monitored, and that security is always being improved.
This report excerpt shows an example of how signifcant security events are highlighted, with any necessary follow-up investigation conducted.
The initial alert for the failed logon to the server with sensitive data will have been alerted to the local security administrator who will have worked with the NNT Log Analysis team on any immediate response.
The weekly report then acts to record all significant events and ensures all have been handled properly, ideal for both small teams where lack of resource may have delayed any investigation, and for large teams where investigation work may be hampered by crossing team boundaries.
How it Works
NNT provide a complete deployment of NNT Log Tracker (generally installed with NNT Change Tracker ). All required monitoring software and host/network settings are implemented in line with Auditor/QSA standards of operation. NNT then take charge of the monitoring solution, ensuring that the system is regularly upgraded and improved.
Log Tracker intelligently reviews logs from all systems in real-time, correlating and pattern matching to identify anything unusual or exceptional that may be a potential security event. The local IT Team are alerted by email of any such event, with the NNT Security Team on hand to assist with advice on investigation and next steps to take.
All security incidents are always reviewed by experienced security consultants from NNT, typically once a week via secure VPN, to ensure incidents have been handled correctly and any remediation steps enforced or future mitigation actions taken. A clear report will be provided telling you what you need to know and providing advice for improving security further.
NNT Log Analysis Services are different to other fully outsourced services in that your in-house security capabilities and skillset - rather than being eroded by the abdication of responsibility that a fully Managed Service brings - are instead continually being improved over time by working with the NNT Security Consultant Team.