Configuresoft's ECM Automated SOX Compliance Drives ''Value Every Time'' for Dollar Thrifty Automotive Group, Inc.; ''Auditors gain another level of security'' with Enterprise Visibility, Reporting Integrity.COLORADO SPRINGS Colorado Springs, city (1990 pop. 281,140), seat of El Paso co., central Colo., on Monument and Fountain creeks, at the foot of Pikes Peak; inc. 1886. It is a year-round resort and a booming military, technological, and commercial city. , Colo. -- When Dollar Thrifty Automotive Group, Inc. (DTAG DTAG Deutsche Telekom AG DTAG Dollar Thrifty Automotive Group, Inc. DTAG Defense Trade Advisory Group DTAG Destination Tag (Sprint) DTAG Development Training Advisory Group (UK) ) found itself consumed with manual checks and spreadsheets to collect data for internal auditors, the Company turned to Configuresoft's Enterprise Configuration Manager (ECM (1) (Enterprise Change Management) See version control and configuration management. (2) (Error Correcting Mode) A Group 3 fax capability that can test for errors within a row of pixels and request retransmission. ). ECM offers DTAG an out-of-the-box, automated solution to manage security event log data, patch levels and versions of anti-virus software anti-virus software n → Antivirensoftware f to ensure compliance with internal policies and Sarbanes-Oxley regulations. Within 30 days of purchasing ECM, DTAG implemented it across its 500 servers and was quickly on the road to automated compliance. This greatly reduced the risk for error in compiling data for auditors and ensuring data integrity. Five months following implementation, DTAG is using ECM for assessment, asset management, auditing, configuration management, compliance, patching and remediation tasks. Now, DTAG is producing monthly reports to fulfill auditing requirements. Engineers run continuous checks and produce automated reports from data in ECM's configuration management database (CMDB CMDB Configuration Management Data Base CMDB Composite Modified Double Base (Propellant) CMDB Control and Monitor Display Builder CMDB Call Management Database ) to address auditing inquiries. The data is not exposed to manual interpretation or collection, making it reliable and secure. "The auditors gain another level of security knowing the data has not been tampered with," said Robert Stewart Robert Stewart may refer to:
The Fortune 1000 Company, headquartered in Tulsa, Oklahoma Tulsa is the second-largest city in the state of Oklahoma and 45th-largest in the United States. With an estimated population of 382,872 in 2006,[1] it is the principal municipality of the Tulsa Metropolitan Statistical Area, a region of 897,752 residents projected to , is driven by its "Value Every Time" mission. The Company's Dollar Rent-A-Car and Thrifty Car Rental brands serve value-conscious travelers in approximately 70 countries; the Dollar or Thrifty brands operate in virtually all of the top U.S. airport markets, and both operate in all of the top Canadian airport markets. With more than 1,600 corporate and franchised worldwide locations, including more than 800 in the United States and Canada, the Company struggled to track inventory, and the engineers were unable to merge data from multiple hardware management systems. As a large, distributed environment, DTAG was unable to accurately report on the status of its enterprise. One of DTAG's biggest challenges was in knowing if patches successfully deployed. Additionally, DTAG engineers had to collect and compile the data manually, which risked error and manipulation. Reliant on manual intervention, the Company had no way to provide confirmation of data integrity that the auditors required. Engineers found they could also use ECM across functions to accomplish daily tasks. Among the unexpected rewards, Stewart noted, "Finding a unique way to automate our inventory was fantastic." The Server Management group was creating a custom database to track both hardware and asset inventory. Once they learned they could create machine groups and assign administrators to each group with ECM, they could also identify the machine administrator, physical location and user. "ECM provides visibility across our enterprise," he said. "It opened up opportunities for better systems management." Today, ECM is central to DTAG operations for security, compliance and control. ECM illustrates when standards are met and measures the engineers' progress in keeping systems current. "We are managing our systems the way we want to," said Stewart. "Being able to determine our system status and what needs to be done, and then schedule the tasks, is a huge benefit." About Enterprise Configuration Manager By standardizing and monitoring server and client configurations by role, ECM ensures continuous operational compliance with regulatory, industry and corporate standards throughout a computing infrastructure. Sustained by a proven and scalable architecture, ECM collects tens of thousands of detailed asset, security and configuration settings from each Windows, UNIX UNIX Operating system for digital computers, developed by Ken Thompson of Bell Laboratories in 1969. It was initially designed for a single user (the name was a pun on the earlier operating system Multics). and Linux server and workstation--storing that information in a centralized configuration management database (CMDB) for immediate access, analysis and reporting. ECM can enforce security policies by automatically resetting configurations to their desired state when an unauthorized change (or deviation) occurs. These capabilities help IT organizations keep their mission critical systems properly configured, while ensuring security compliance with regulatory requirements such as Sarbanes-Oxley, HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, , GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve , PCI DSS and FISMA FISMA Federal Information Security Management Act of 2002 FISMA Federal Information System Management Act . About Configuresoft Configuresoft is an innovator in systems management technology, ensuring continuous compliance with internal policies and external regulations across today's heterogeneous computing infrastructures. Spanning both security and operations, the Company's configuration management, compliance and remediation products are used by 11 of the world's 25 largest companies to keep their critical systems properly configured, while ensuring compliance with regulatory requirements such as Sarbanes-Oxley, FISMA, GLBA, Basel II, HIPAA and DISA 1. (body) DISA - Defense Information Systems Agency. 2. (standard) DISA - Data Interchange Standards Association. , and industry standards such as ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. 17799, PCI DSS and Microsoft Security Hardening Guides. To contact Configuresoft, please call (888) U-CONFIG or visit www.configuresoft.com. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion