Tip:
Highlight text to annotate it
X
I have just presented about Tivoli security information event management.
This project was initiated by various concerns we had around control, and
the way in which certain things are happening at this moment related to
the control of privileged users, assignment of access privileges to such
users, control of heterogenous environment consisting of various devices and operating
systems. What followed were the reports from auditors which clearly specified that there
were potentially significant risks in these areas, that there was no segregation of
duties, and all this called for a whole bunch of people in the IT so that no one person
would have the ability to perform fraud or breach the system. Next came the reports
from our supervisory bank, Central Bank of Macedonia, which again stressed out the problem
of "all-mighty" people from the IT, who hold all the administrative passwords and access
codes for all the systems which basically allows them to do whatever they please. This
was one of the reasons for regulating this area and passing legislation requiring control
of all activities on all systems: databases, applications, network devices, servers, and
even telecommunication equipment. The legislation was passed in 2007, and the banks were given two
years to implement and put into production a solution to prevent this. We put together a list
of requirement, based on this we published a Tender, and selected Tivoli TSIEM, because it
was the best fit for our requirements.
We are currently in the production phase, I can't say that we are fully live because we
are still defining policies and grouping events.
We also need to move the management consoles to the Compliance department, for internal
audit and revision purposes, as we do not want to end up controlling ourselves.
From that point they will be our project team and they will be providing requirements which we will be implementing.