Retail Reduces Unauthorized Changes to Its IT Infrastructure by 70 Percent
SAN MATEO, Calif. - The results from a Fortune 500 evaluation show the frequency of authorized and unauthorized daily changes made across enterprise IT systems and applications is higher than most IT staff realize. Because changes vary in type and purpose, Active Reasoning, a leading provider of IT Governance Automation solutions, commenced 2007 with a monitoring initiative to observe changes made to its customers’ IT infrastructures, comparing activity month-to-month. The data collected demonstrates the volatility of IT systems and reinforces the critical need for real-time change and activity monitoring tools.
Feedback from a national retail chain using Active Reasoning System 5 software to monitor its Oracle Financials system revealed significant progress over the January through February period. Out of the 23 changes made to the system in January, 14 were unauthorized, a disturbing 70 percent. Through the use of real-time change monitoring tools, this same company was able to report zero unauthorized changes in February. This positive shift enables a high level of confidence in risk management assuring improved security, reliability and compliance practices.
“The most important thing for companies to ensure is that all changes are identified as authorized or as unauthorized, and that unauthorized changes are not only detected, but immediately reported and repaired,” said, Dave Di Lena, vice president of products at Active Reasoning. “Our customers are reporting strong results in their ability to manage change across mission-critical enterprise applications. This feedback reinforces the fact that all Fortune 500 companies can achieve comprehensive risk management progress through change monitoring initiatives and see results in as little as eight weeks.”
Active Reasoning will continue its monthly evaluation report to track change activity across Fortune 500 companies. Changes tracked from January through February rose from 69 changes per system per day in January to 319 in February. The rise was not the result of extraordinary circumstances (i.e. a major software upgrade, which can produce thousands of detected changes), but rather from routine system change volatility.
Further findings from Active Reasoning’s customer base include:
In January, 0.7% of all changes were flagged as unauthorized.
In February, the figure fell to 0.2% changes flagged as unauthorized, a 70 percent improvement.
While many IT organizations try to make most planned changes on weekends, to minimize disruption of work, Active Reasoning has observed that most of its customers deploy some portion of application updates during the workweek. This is typical of important security upgrades that can’t wait for the weekend, reflecting the trade-offs between maintaining system security while minimizing volatility brought about by change.
The decrease in unauthorized changes indicates that companies with real-time change and activity monitoring tools continue to improve their ability to enforce IT controls that prevent compliance, security and reliability risks. Active Reasoning System 5 represents the next step in Active Reasoning’s strategy to fully automate enterprise-wide controls for policy enforcement and governance automation so that IT organizations can improve service delivery, mitigate operational risk and reduce IT control costs.
This news content was configured by WebWire editorial staff. Linking is permitted.
News Release Distribution and Press Release Distribution Services Provided by WebWire.