Responsible for gaining situational awareness through continuous monitoring of networks and other IT assets for signs of attack, anomalies, and inappropriate activities.
Enterprise Information Security Monitoring (EISM) is responsible for gaining situational awareness through continuous monitoring of networks and other IT assets for signs of attack, anomalies, and inappropriate activities.
Security Information Event Management (SIEM) and Intrusion Detection Prevention (IDP) are the centrally managed components of the EISM service. This service is offered to executive branch agencies, customers of the state’s consolidated datacenters, counties and cities with critical infrastructure to improve the situational awareness within the state.
Situational Awareness is an expensive and difficult service to deploy in a high distributed environment and at the customer-level. Service consolidation makes this financially possible for all consolidated customers.
Improved Security Profile and Compliance ensures better security through uniform and repeatable processes. It is difficult to develop and enforce good situational awareness at the agency level. This system along with management processes will improve the state security profile. This will meet compliance goals and reduce audit expenses.
Economy of Scale/Quality of Service reduces costs to develop new government systems by leveraging a centralized solution. With a centralized utility system, MN.IT Services can allocate the resources necessary to manage the system. Keeping the technical expertise is difficult and expensive since these are often part-time positions. Centralizing provides an obvious improvement to the situation.
Improved Cyber Attack Capability provides an enterprise view where attacks may use information from one application to attack another agency. EISM central monitoring will provide:
Is your organization planning to:
© Copyright 2013 MN.IT Services - State of Minnesota