ITIL Compliance Suite
Automate Alerting & Reporting
The IT Infrastructure Library (ITIL) is a process-oriented IT control framework for service management organizations. Developed in the late 1980s by the United Kingdom government, this framework has been widely adopted and is now the most accepted and used IT service management best practices approach in the world.
Overview
“Customers typically experience a return on investment of three months or less by automating the collection and storage of log data for PCI compliance and then using that data for audit. LogLogic’s Compliance Suite: PCI edition automates the process of validating, reporting and alerting on business and IT policies related to PCI compliance at a fraction of the cost of homegrown solutions.”
Pat Sueltz, CEO, LogLogic
In the late 1980s, the UK recognized that the cost of IT infrastructures must be controlled, so it commissioned the Central Computer and Telecommunication Agency (CCTA) to address the issue. This directive resulted in the publication of the Government Information Technology Infrastructure Management, or GITIM. The goal of GITIM was to define a framework that would ensure the efficient and financially responsible use of IT resources within the British government and the private sector. Apparently, GITIM satisfied a need. Governments and private industry in Europe adopted the framework very quickly, and it was soon proclaimed the world’s “de facto standard” for IT service management. GITIM was ITIL version one.
Today’s ITIL version two was also developed by the UK government under the OGC which merged with the CCTA in 2000. Version two, like its predecessor, concentrated on the service management model but the new publications were more concise and usable. ITIL’s popularity continues to spread. Microsoft used the ITIL framework to develop the Microsoft Operations Framework (MOF) and the first ITIL-aligned British Standard (BS15000) has been issued. In 2005, the International Standards Organization (ISO) placed BS15000 on the fast track to becoming an ISO standard (ISO20000).
ITIL is divided into a series of eight publications commonly known as “sets”. The eight publications are:
- Service Support
- Service Delivery
- Planning to Implement Service Management
- Software Asset Management
- Applications Management
- Service Delivery
- The Business Perspective
- ICT Infrastructure Management
Together these publications describe the processes that are necessary for the effective management of IT organizations. According to ITIL, service management is composed of both service support and service delivery organizations whose working relationship with the customer is specifically defined by a Service Level Agreement (SLA).
The popularity of ITIL and of IT and business process automation is fueled by two concurrent market forces, resulting in a ‘perfect storm’ for ITIL and IT Service Management:
- The desire to reduce IT costs while maintaining and improving IT Service Quality
- The requirement to create better control and visibility into IT for regulatory compliance
IT Service Management (ITSM) is a framework covering two major aspects: Service Support and Service Delivery. It is an integrated approach providing best practice guidelines to IT organizations on how to effectively deliver services to their business customers. ITSM is a set of process-based best practices comprised of processes, people, technology, organization, and integration. ITSM is generally employed to meet unique customer requirements and priorities. Service Delivery is a set of integrated processes focused on ensuring IT can provide adequate support to the business customers. Service Support is a set of integrated processes to ensure that users have access to the services to support the business functions.
According to ITIL, there’s a clear distinction between “Customers” and “Users.” Customers are defined as senior management who commissioned and paid for the IT services. Users are defined as people who use the services on a day-to-day basis.
IT Service Validation
Measurement and validation capabilities should be a first priority when considering IT Service Management. Effectively, you cannot manage what you cannot measure and putting in place any proactive management framework, from service level management to capacity planning, is fruitless if you cannot measure what is actually happening in your data center.
Metrics are critical to improving business performance. In order to prove that the ITSM implementations are effective and beneficial to the business, IT must be able to measure and validate the benefits of the ITSM implementation and the process improvements.
The importance of this cannot be overstressed, as inclusion of processes that cannot be effectively monitored almost always results in disputes and eventual loss of faith in the ITSM process. A lot of organizations have discovered this the hard way and, as a consequence, have absorbed heavy costs both in a financial sense and in terms of negative impacts on their culture.
Metrics can also help to prove the value of ITSM before and after the project gets approved. The best way to “sell ITIL” to the CIO is to provide concrete examples and figures on how ITSM benefits the organization. For example:
- Cut incident resolution rates by 40%
- Cut network failure downtime by 30%
- Reduce labor waste by 25% (labor waste includes the time IT personnel spend running around to obtain information necessary to do their job)
- Reduce IT infrastructure cost by 20%
To ensure success of the ITSM implementations, LogLogic has defined the following Service Validation steps based on collecting and analyzing log data that is already available in any data center today:
- Assess the current state of the IT services
- Monitor the ongoing status of the IT services
- Measure the result of the process implementations
- Validate the effectiveness and benefits of the process changes
Alerting & Reporting
The LogLogic Compliance Suite is the first solution of its kind to provide “out-of-the-box” support for COBIT 4.0 and ITIL, which are common frameworks used frequently by businesses to help achieve Sarbanes-Oxley Act compliance, and ensure security and availability of IT assets in general.
The reports and alerts monitor the majority of controls defined in the new COBIT 4.0 IT audit framework specifically and cover all four sections broadly. The COBIT controls and corresponding LogLogic reports and alerts cover six important areas of IT risk management:
- Access: Identity and access monitoring
- Activity: User activity monitoring
- Change: Change control monitoring
- Security: Security monitoring
- Infrastructure: IT infrastructure monitoring
- Continuity: Business continuity management
By automating compliance reporting and alerting based on critical infrastructure data collected and stored by LogLogic’s appliances, the LogLogic Compliance Suite removes the complexity and resource requirements from implementing policies such as COBIT and ITIL to successfully meet SOX and other regulations.
Compliance reporting and alerting from LogLogic is ideal for IT administrators, auditors and financial executives who want to reduce time to compliance and realize dramatic improvements in risk mitigation and audit accuracy.
LogLogic allows for ongoing data monitoring and reporting and long-term archival so you can attest compliance activities on an ongoing basis. Breakthrough Log Learning technology delivers the industry’s first smart behavioral alerts, which can be set by device, device group or network. Adaptive baseline, network policy and ratio-based alerts are all powered by artificial intelligence and machine learning technology. Managers receive early warning of insider misuse and unusual or suspicious behavior so they can act quickly.
Customizable Compliance Reporting
LogLogic Compliance Suite uses LogLogic’s unique Agile Reporting Engine to allow on-the-fly customization of templates. Using Agile Reporting functionality, customers can match log data against specific corporate controls and policies. Agile Reporting differentiates LogLogic’s compliance solution from industry alternatives based on static reports. Instead of having to write Perl scripts or statements to customize reports, Agile Reports can be customized with a few simple mouse clicks.
Real Alerts and Reports Based on Real Data
LogLogic Compliance Suite delivers reports and alerts on all four areas of the IT risk management framework defined by COBIT:
- Plan and organize (PO): This domain covers strategy and tactics, and identifying the way IT can best contribute to achieving business objectives.
- Acquire and implement (AI): To realize the IT strategy, IT solutions need to be identified, developed or acquired, as well as implemented and integrated into the business process.
- Deliver and support (DS): This domain is concerned with the actual delivery of required services, which includes service delivery, security and continuity management, service support for users, and data and operational facilities management.
- Monitor and evaluate (ME): All IT processes need to be regularly assessed over time for quality and compliance with control requirements. This domain addresses performance management, internal control monitoring, regulatory compliance and governance.
ROI
LogLogic customers normally experience a return on their investment of six months or less. The ROI of deploying the LogLogic solution can be measured in terms of:
- Reduced cost and complexity of log management. LogLogic accelerates the time to identifying and reporting on critical log data and significantly reduces the infrastructure and labor costs associated with log management.
- Improved storage and log data retention, reducing the amount of storage required and better utilizing existing NAS and SAN resources.
- Better utilization of existing network and IT management systems. Log Routing technology directs critical log data, alerts and reports to the application of your choice, reducing the need to manage multiple systems and the associated costs of training, maintenance and support.
- The ability to capture log data from virtually any application or device, eliminating the need for multiple systems. You can capture and store your data once, then report and alert to many different applications.
- Reduced downtime and accelerated threat remediation — LogLogic protects valuable data, saving resources and reducing downtime.
- Automation of key compliance activities such as log data collection, retention and analysis. LogLogic generates reports in real-time for proof of compliance.
- Improved business continuity through mitigating the risk of network incidents and attacks.
- Improved security by deterring IP theft and malicious attacks, and achieving greater insight into user activity.