Skip to:

Enterprise Information Security Monitoring (EISM)

Responsible for gaining situational awareness through continuous monitoring of networks and other IT assets for signs of attack, anomalies, and inappropriate activities.

 
 


Overview

Enterprise Information Security Monitoring (EISM) is responsible for gaining situational awareness through continuous monitoring of networks and other IT assets for signs of attack, anomalies, and inappropriate activities.

Security Information Event Management (SIEM) and Intrusion Detection Prevention (IDP) are the centrally managed components of the EISM service.  This service is offered to executive branch agencies, customers of the state’s consolidated datacenters, counties and cities with critical infrastructure to improve the situational awareness within the state.

Situational Awareness is an expensive and difficult service to deploy in a high distributed environment and at the customer-level.  Service consolidation makes this financially possible for all consolidated customers.

 
 

Features & Benefits

 

Improved Security Profile and Compliance ensures better security through uniform and repeatable processes. It is difficult to develop and enforce good situational awareness at the agency level. This system along with management processes will improve the state security profile.  This will meet compliance goals and reduce audit expenses.

Economy of Scale/Quality of Service reduces costs to develop new government systems by leveraging a centralized solution. With a centralized utility system, MN.IT Services can allocate the resources necessary to manage the system. Keeping the technical expertise is difficult and expensive since these are often part-time positions. Centralizing provides an obvious improvement to the situation.

Improved Cyber Attack Capability provides an enterprise view where attacks may use information from one application to attack another agency.  EISM central monitoring will provide:

  • Reduced time and costs to investigate security incidents.  Security professionals focused and knowledgeable about the enterprise can quickly correlate information.
  • Improved security incident communication across the enterprise.  The centralized service communicates attacks to other agencies so you are aware of the enterprise security profile.
  • Consistent and robust security monitoring capabilities across all agencies, including those with limited resources.  It is cost effective for smaller agencies to purchase a monitoring service specific to their requirements.
  • Enhanced availability and performance awareness for all government computer systems.
  • Improved ability to fulfill regulatory and compliance requirements.  This service and related policies and standards are designed to meet customer compliance requirements.
  • Security events are automatically identified and investigated giving the customer the ability to make educated risk decisions.
  • This service gives the customer the ability to focus on their business and not on security.
  • Provided as a utility service being capable of delivering standardized, scalable IT functions that do not require the customer to assume any operations responsibility.
 
 

Getting Started

Is your organization planning to:

  • Migrate to a consolidated data center?
  • Become compliant with regulations regarding situational awareness?

Contact your Account Manager    Visit the MN.IT Mall for more information