
L1M3 Explainer Part 5 – Security and Compliance

Welcome to part five in our Observability Maturity Series: Security and Compliance. Earlier parts of this series introduced the Five Phases of Maturity and the first three of the Assessment and Planning topics.

You can see earlier blog posts in this series here.

In part five, we build on the earlier posts and introduce the concept of Security and Compliance.

As a result of the Sunburst and Supernova attacks in late 2019, this area has received incredible scrutiny within SolarWinds and among those with Orion deployments.

At Loop1, we’ve been teaching and practicing an intrinsic approach to security since 2009. One of my biggest regrets in my career is that I didn’t have a stronger cyber-security mindset when I worked at Microsoft on the Windows 2000 product. We should have shipped a much more secure default install (with more services disabled, not enabled by default), and we should have created a read-only, least-privilege model of Active Directory security for monitoring purposes, both within Active Directory and WMI. Nonetheless, hindsight is 20/20, as they say.

In the L1M3 Model, we don’t have a ‘security’ pillar or phase to maturity. Instead, security concepts are ‘built-in’ to the model in every phase. Some phases are explicitly dependent on not only having appropriate cyber-security habits but also automating those practices and making them proactive.

An intrinsic approach to security applies not only to how the Orion platform is deployed but also to knowing the capabilities in the SolarWinds suite of products and leveraging them fully to ensure strong cyber-security hygiene throughout IT operations.

In this way, the concept of Feature Awareness we discussed previously becomes even more critical. SolarWinds offers many products and capabilities that we encourage our clients to adopt. We’ve added two additional vendors to our offerings (Runecast and Portnox) to ensure complete cyber-security hygiene coverage. We simplify the approach to this complex topic by dividing our security best practices into two categories: Configuration Security and Operational Security.

Configuration Security is just as it sounds: understanding the desired configuration state of our environment, documenting that environment as a baseline configured state, and auditing changes to the environment to ensure all changes are authorized, detect unauthorized changes, and remediate changes when necessary.

We leverage a variety of SolarWinds tools and solutions to do this: Patch Manager, Network Configuration Manager, Server Configuration Manager, and Access Rights Manager. All of these tools offer the ability to document, manage, and detect changes to system and network configurations.

Operational Security includes both event analysis and vulnerability detection. Security Event Manager and Log Analyzer, as well as Network Configuration Manager, Server Configuration Manager, and Patch Manager, all feature capabilities that cover our operational security needs. Server and Application Manager, with its AppInsight for Active Directory feature, also plays a key role here, greatly simplifying the monitoring of Active Directory for performance, availability, and security.

Again, gaining awareness of these SolarWinds solutions and tools leads to that familiar refrain, “I didn’t know SolarWinds could do that.”

Tough lessons have been learned, and the days of security being something done ‘after’ systems are architected and built are long gone. An intrinsic approach to security and compliance is expected in IT Operations today, and the L1M3 model is built to support and enhance your cyber-security effectiveness.

In part 6 of this series, we will introduce the Automation and Integration assessment area and discuss native and API-based correlation between tools combined with SDK-based automation to enable full scalability.
