Processes and tools that help address ongoing and increasing security monitoring needs.
A Security Information and Event Management System (SIEM) helps organizations and their security professionals identify and promptly respond to threats, demonstrate compliance with regulatory requirements, and perform sophisticated forensics.
This service includes a log management appliance that collects and manages logs from selected systems, as well as an event monitoring system that correlates events for incident response and reports on compliance. The system sends automated alerts and reports to requestors.
Although part of a broad-reaching enterprise system, individual customers log into segregated areas and monitor according to an organization's requirements.
Services offered include log management, event correlation, start-up assistance, modification and customized report generation.
This service is provided to the executive branch. For more information about using this service, contact your Account Manager.
Responsible for gaining situational awareness through continuous monitoring of networks and other IT assets for signs of attack, anomalies, and inappropriate activities.
Enterprise Information Security Monitoring (EISM) is responsible for gaining situational awareness through continuous monitoring of networks and other IT assets for signs of attack, anomalies, and inappropriate activities.
Security Information Event Management (SIEM) and Intrusion Detection Prevention (IDP) are the centrally managed components of the EISM service. This service is offered to executive branch agencies, customers of the state’s consolidated datacenters, counties and cities with critical infrastructure to improve the situational awareness within the state.
Situational Awareness is an expensive and difficult service to deploy in a high distributed environment and at the customer-level. Service consolidation makes this financially possible for all consolidated customers.
Improved Security Profile and Compliance ensures better security through uniform and repeatable processes. It is difficult to develop and enforce good situational awareness at the agency level. This system along with management processes will improve the state security profile. This will meet compliance goals and reduce audit expenses.
Economy of Scale/Quality of Service reduces costs to develop new government systems by leveraging a centralized solution. With a centralized utility system, MN.IT Services can allocate the resources necessary to manage the system. Keeping the technical expertise is difficult and expensive since these are often part-time positions. Centralizing provides an obvious improvement to the situation.
Improved Cyber Attack Capability provides an enterprise view where attacks may use information from one application to attack another agency. EISM central monitoring will provide:
Is your organization planning to: