In a recent podcast interview with Hillarie McClure, Multimedia Director of Cybercrime Magazine, Robert E. Johnson III, Cimcor CEO/President, discusses how to elevate your security posture using file integrity monitoring. The podcast can be listened to in its entirety below.
Welcome to The Data Security Podcast sponsored by Cimcor. Cimcor develops innovative, next-generation file integrity monitoring software. The CimTrak Integrity Suite monitors and protects a wide range of physical, network, cloud, and virtual IT assets in real-time while providing detailed forensic information about all changes. Securing your infrastructure with CimTrak helps you get compliant and stay that way. You can find out more about Cimcor and CimTrak on the web at cimcor.com/cimtrak.
Q: Robert, good to be speaking with you again.
A: Hello, Hillarie. Glad to be on your show again, appreciate that you invited me.
Q: Yeah, of course, my pleasure. I've invited you to talk about managing change. So you know, we've talked about organizations needing to manage changes that occur in an IT environment in the past. But, I guess let's kinda dive deeper into that topic for our conversation today. You know, what does that really mean?
A: IT environments are growing in complexity. Furthermore, the speed of business is just accelerating at a pace that's incredible. So industry must make changes and update systems faster than ever. Many of these changes are good, such as patches and software updates. However, changes should never be random, nor should they be performed ad hoc. So by that, I mean a strong change management process provides this framework for defining upcoming changes to IT systems, understanding their impact, systems that will be impacted, and documenting when they've been implemented. All with this ultimate objective of reducing and eliminating any incidents that may negatively impact the business. The reality of it all is that implementing this is easier said than done.
Q: I guess it's not just documenting when things change. Robert, can you elaborate more on change management and how it can help with an organization's network?
A: A strong change management process first starts with understanding what you have in your environment - what you have in your infrastructure. What are the hardware assets? What is the software? Configuration files, and the settings that are actually critical to your business. Many companies follow an ITO model as a framework for managing change - and I'm a fan of that. And when you have strong change management processes in place, you can expect increased up-time and fewer IT-related incidents that are related to human error, to be honest. Where things tend to go wrong, are these unexpected changes.
You can have the best change management process in the world in place. But have you considered, if your systems are actually in the state that you expect? Say that you have hardened the operating system before you wrote a system out or a server out. A month later, is that system still in that same hardened state? What if an engineer is in a rush and temporarily changed the setting and forgot to change it back? Would you identify that? Um, or you've installed an update to some software, and now it opens a new TCP listening port? Or a disgruntled employee increases privs of a user to admin on your domain controller.
You know a great change management process would not identify any of those changes. A great change management process only helps folks that are willing to work within the lines, follow the process, document it, and do it in a manner that reduces impact on their business. But for those outliers, those things you don't expect - that's when these change management processes really break down. So I think we need to extend that ITO model to include what we at Cimcor call the change reconciliation workflow. By leveraging next-gen file integrity monitoring and system integrity assurance tools.
It's actually possible to go beyond just the change requests and approvals and move to something more that verifies everything. In fact, I will call it "change verification." Ensuring that the expected changes have occurred - identifying most of the changes that should have not occurred.
Q: I guess, then how can organizations do this all the time? Change management, you know, change monitoring. You know what, this sounds like it can be a lot. So what can help that?
A: Well, at Cimcor we've been working hard on a platform called the CimTrak Integrity Suite. Our objective is to facilitate every aspect of the change management process and change verification process, and allow you to control that entire process with a single product. CimTrak includes its own ticketing system, but can also integrate to third-party systems such as ServiceNow and BMC Remedy. CimTrak helps you easily document exactly how the systems are configured and can help you quickly identify anytime changes deviate from that expected configuration.
In the end, CimTrak helps you reduce the impact to unexpected changes, increase up-time, improve your change management process, and most of all - it dramatically reduces the time that organizations spend remediating security events and unexpected changes. And the end result, it's going to be increased up-time, happier customers, and you're staying on point for the mission of your organization.
Q: Robert, thank you so much for joining me today. I'm sure our audience really enjoyed this episode, and as always, I'm looking forward to next time.
A: I appreciate it, Hillarie. I appreciate being on the show, and to anyone in your audience, if they're interested in actually trying our product in their own environment to kind of improve their own change management process, we'd love to show you the product in a demo, or let you try it in your own environment with a free trial. Just reach out to us directly on our website at www.cimcor.com that's C as in cat, I, M. C. O. R.com
Q: Wonderful. Thank you, Robert.
A: Thank you.
November 8, 2022