Symantec Control Compliance Suite ensures compliance by automating IT audit process

Symantec Corp. (Nasdaq: SYMC) today announced that Kitsap Community Federal Credit Union is using Symantec Control Compliance Suite to efficiently comply with government, industry and corporate regulations without draining IT resources. By automating IT security audits, Kitsap is able to protect its members’ financial investments and the security of their information while reducing IT overhead. The result is a savings of $120,000 per year on staff administration time formerly spent gathering audit information.

Kitsap is a financial cooperative serving residents in the state of Washington’s Kitsap Peninsula. During the past 72 years the company has grown to handle more than $677 million in assets as of January 31, 2007. Subject to regulations like the Gramm-Leach-Bliley Act and standards set forth by the National Credit Union Association, Kitsap must provide detailed and frequent IT audits and demonstrate due diligence in adhering to strict security policies.

Without the tools to automate IT audits, Kitsap’s IT administrators were required to manually check every system and user account to ensure the proper security configurations and permissions were in place. With the help of Symantec Control Compliance Suite, Kitsap is now able to provide security audits across all systems and measure compliance based on configuration standards.

“Gathering information and preparing for an IT security audit used to take more than 40 hours of IT staff time,” said Michael Mally, technical security manager, Kitsap Credit Union. “Symantec has helped us streamline an otherwise time-consuming and error-prone process while reducing the amount of resources we need to ensure compliance. Symantec Control Compliance Suite’s automated process has helped us shorten this time to two hours"

Obtaining Visibility into Security Risks

Symantec Control Compliance Suite helps Kitsap’s IT staff quickly identify and remedy security deficiencies in systems across the organization. From a single console, Kitsap manages the process of data gathering and reporting on the security of operating systems, directories, applications and databases.

Kitsap uses Control Compliance Suite for generating reports that offer auditors, senior management and IT staff visibility into key security issues such as users who have access rights, users who have not logged on for the past 30 days, and disabled accounts. This automated process has dramatically reduced the time needed for security reporting in advance of the independent audits that take place several times each year. The solution paid for itself in three months by significantly simplifying, automating and reducing compliance costs.

“Symantec solutions have not only helped us reduce audit preparation time and costs, but they have helped us identify non-compliant systems,” said Mally. “Within minutes I can define standards and control systems, and view reports that tell me exactly which servers are complying and which are at risk. Achieving 100 percent compliance on security audits is no longer just a goal—it’s a reality.”

About Symantec

Symantec is a global leader in infrastructure software, enabling businesses and consumers to have confidence in a connected world. The company helps customers protect their infrastructure, information and interactions by delivering software and services that address risks to security, availability, compliance and performance. Headquartered in Cupertino, Calif., Symantec has operations in 40 countries. More information is available at www.symantec.com.