Seriously, they’re asking you to provide that again?!
Nobody likes to hear they are being audited. Although requests for IT inventory, software license, security and compliance audits have become routine for IT departments, the effort to conduct them has not because no IT audit is exactly the same as any previous one. Often the requested information has changed and so have the assets that are the focus of the audit.
Effective enterprise IT audits depend on knowing about all physical, virtual and cloud assets. They require specific details about each server, desktop, application, database, and middleware and especially their relationships. This can be tricky enough if you own the assets but what if you’re dependent on another party to provide the info? M&A is one example. The acquiring company needs to know about the systems they are about to acquire (or, in reality, already acquired) so IT Ops can support and likely consolidate them. Same for IT security. Sure, ITSec has tools that can detect vulnerabilities or stop outside intrusions, but generally they rely on IT Ops to provide detailed inventory and configuration information- which they don’t always have. Compliance doesn’t have it any easier. How can they demonstrate compliance with regulations such as SOX, HIPAA or PCI, if no one can tell them for sure which assets are in scope because the full relationships are not understood? Enterprise IT has become so siloed that collecting, correlating and reporting this data is often difficult and always time consuming.
Virima breaks down the information silos by providing accurate, detailed asset configurations and easy to understand visual topologies of the relationships and dependencies between assets and business services. Virima turns information into actionable intelligence. IT Ops has the necessary details to support the IT assets that give the company life. Security can see for themselves that a suspect configuration change was made, which operating systems are missing security patches, or if vulnerable software has been installed. Compliance auditors can report with confidence that all regulated systems are accounted for and demonstrate compliance. Establishing and maintaining baselines for asset information allows all groups to focus on the exceptions and not on time consuming and error prone process of collecting data.
- Automatically establish a truthful baseline of assets, configurations & installed software
- Receive notification of any asset configuration & status changes
- Map all relationships, hierarchies, & dependencies
- Visualize which systems support specific business services and are subject to regulatory compliance or audit
- Search for missing security patches, unapproved software, and suspicious processes/services
- Detect if any hosts are communicating to external machines that shouldn’t be
- Flexible reporting, customizable dashboards and ease of data importation & exportation