• Reactive Stance Affects Compliance with Protocols, Ability to Respond to Security Threats

Complete awareness of agency network activity is not just critical to maintaining compliance with important government mandates, it’s also a key security component in today’s complex IT environment. Responses to a to a recent Dell Software survey of senior federal IT professionals, however, indicated that half of the respondents are reactive to network vulnerabilities and, as a result, struggle to maintain compliance with mandated IT policies and standards.

The survey findings underscore that compliance remains both a constant imperative and challenge for government agencies. In fact, 72 percent of respondents reported that their agency must comply with at least three federal mandates[i]. Lack of compliance with important regulations like the Health Insurance Portability and Accountability Act (HIPAA) or the Federal Information Security Management Act (FISMA) can result in serious consequences that include actual security gaps in an agency’s network.

Proactive reporting capabilities are key both to complying with regulations, and mitigating damage from security breaches. If agencies cannot quickly identify the source of a security incident, a lengthy time-to-resolution can amplify data loss and damages. Real time detection and reporting capabilities position agencies to better identify the source of a breach, and proactively alert IT managers when abnormal network activity occurs so they can take immediate action.

Key research findings include:

  • 81 percent of respondents cited the importance of having audit-ready, real-time reporting capabilities. These capabilities not only ease the compliance process, but also keep agency networks more secure.
  • One-third of respondents felt they were losing the ability to accomplish their missions due to unwieldy maintenance and management of IT systems.
  • 87 percent of respondents emphasized the need for real-time alerts in Government Risk and Compliance (GRC) software to help identify and immediately resolve IT issues[i].

To address these pain points, government agencies need to be able to answer the question, “How long since your last internal audit” with a confident, “Five minutes ago.” Continuous, automated monitoring of IT systems improves security and helps prevent data loss by providing a view into abnormal activity on the network. From a security standpoint, centrally controlled and managed compliance requirements provide a sound footing on which to attain (and maintain) control over the entire organization. Solutions that tell IT the stance right now, and capture changes in real-time, are the cornerstone to achieving confidence that the organization will pass the audit – and that it’s secure. Even properly controlled changes can have unintended results, and the IT team needs the ability to recover quickly and restore functionality so impact is minimized. Dell Governance, Risk and Compliance (GRC) solutions can provide all of this and more to help meet the challenges of running an enterprise in today’s increasingly complex and difficult world.

  • For more information on IT governance, risk and compliance, please read the Dell Software data sheet.

Supporting Quotes:
Security threats are evolving so quickly, and the consequences of failing to comply with regulations like FISMA are so severe, that real-time auditing and reporting on user activity is an essential line of defense for government agencies. As cyber threats continue to accelerate, agencies are reaching a tipping point where no-fail compliance and preventive hygiene should be a part of the fabric of daily operations. Real-time detection of vulnerabilities is critical to accomplishing a state of greater vulnerability awareness, and, ultimately, enhanced security resilience.”
Paul Christman, vice president, public sector sales and marketing, Dell Software

“At Dell Software, we listen to our customers, and, as a result, have developed a GRC methodology that provides real-world solutions to the difficult issues that arise with security and compliance. Our customers can proactively ensure visibility into their environment, simplify audits and reduce the risk of data breaches, failed audits and system downtime — so understanding and resolution are fast and efficient, all with a rapid ROI. We also offer unique capabilities that can prevent damaging or dangerous changes, enabling IT to potentially avoid incidents that would otherwise leave the organization insecure or scrambling to recover.”
Tim Sedlak, senior product manager, Dell Software

About the Survey
Dell commissioned Market Connections to determine to what extent agencies are using compliance and IT Governance software, and what features they deem most critical when selecting a tool. The poll surveyed 200 IT managers representing defense, intelligence and civilian agencies. Of the 200 respondents, 30 percent were from agencies in the defense/intelligence community; 63 percent were from civilian agencies; and seven percent identified as “other.”[i]

Delivering Complete and Connected Software Solutions
Dell Software empowers companies of all sizes to experience Dell’s “Power to Do More” by delivering scalable yet simple-to-use solutions that can increase productivity, responsiveness and efficiency. Dell Software is uniquely positioned to address today’s most pressing business and IT challenges with holistic, connected software offerings across five core solution areas, encompassing data center and cloud management, information management, mobile workforce management, security and data protection. This software, when combined with Dell hardware and services, helps customers simplify IT, mitigate risk and accelerate business results.

About Dell
Dell Inc. listens to customers and delivers innovative technology and services that give them the power to do more. For more information, visit www.dell.com.

Tweet This:
Half of Government Agencies Don’t Address Network Vulnerabilities Proactively per @dell survey

twitter linkedin google facebook

Dell is a trademark of Dell Inc. Dell disclaims any proprietary interest in the marks and names of others.

[i] Market Connections, Inc., “Governance, Risk and Compliance Software: Consistency Keeps Your Agency’s Data Secure,” a Dell Software Whitepaper; May 2014