Security Products
Showing results for 
Search instead for 
Do you mean 

Tip #1: Centralized approach – Unify security & IT operations

Sridhar Karnam (Sri_Karnam) ‎08-30-2012 12:19 AM - edited ‎09-09-2015 11:11 AM

You can secure if you can “see” it. My tip #1 is to have a centralized approach where you see every log data from every log generating source. Since “seeing” everything means more machine data, you need right tools such as security and identity focused event correlation engine that helps you understand and analyze the risks in your IT. The last step is to take actions using the IT operations tools.



centralized approach.png



The convergence of IT operations and security operations has been an ongoing effort in most of the dynamic enterprises. The benefits of this convergence is clear to many organizations that need to optimize resources, lower cost, increase efficiency in both groups, and deliver an open and secure platform for communication and collaboration.

The security and IT operations integration empowers your organization to effectively manage your IT infrastructure, while keeping your IT infrastructure secure.




Overcome data scalability challenges

As the size of the managed environment grows, the monitoring of the events from the infrastructure elements becomes onerous. IT Operators rely on event reduction techniques such as correlation engines, or limit either the breadth or depth of data collection to only machine data from business critical applications.


Simplify log file management challenges

The machine data collected is typically raw, device-specific, and vendor-specific data. There are no tools to search any events or logs. The data is also retained for short term, as the objective of an IT operation is to keep the services up and running at all the time.


Build security intelligence through event analytics on historical data

This short retention of data limits the intelligence in the system as events fixed and annotated few months ago may not be stored to retrieve. The alternate option is to invest in expensive databases and resources to manage the data.


Unified data with operations, security, and compliance context

Integrating log management solution and IT Operations is mutually beneficial to both organization. With the increasing number of cyber-attacks it is critical to share the tools and knowledge between security and IT operations as many organizations can’t detect breach until it’s too late.


Simple control can prevent 97% of the data breaches*

The Data Breach Investigation Report (DBIR) of 2012 conducted by Verizon, states that 98% of the data breaches come from external agents. 97% of those breaches were avoidable through simple controls such as log management solution.  


In all of these breaches studied, 92% of them were reported by third parties. It is an embarrassment to organizations if they do not detect a breach in their internal system. Log management plays a critical role in the organization to detect and share the knowledge about security threats that can be prevented through IT Operations.




Start with a simple log management solution that helps your IT operations to increase the breadth and depth of data collection. Then add simple security information and event management (SIEM) solution which helps you with security-focused, identity based, real-time, cross-device correlation engine that tells you who is doing? What? When? And how? This helps you respond and prevent to breaches faster.



We will get into details about analyzing all this big data in the future tips. The next tip is about using the centralized approach.


Start here by downloading a free trial of log management solution at


The Data Breach Investigation Report (DBIR) of 2012 conducted by Verizon 

About the Author


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
1-3 December 2015
Discover 2015 London
Discover 2015 in London, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
November 2015
Software Online Expert Days
Join us online to talk directly with our Software experts.
Read more
View all