Symantec Security Enhanced by Workflow - Part V

The Symantec Workflow Business Practice has developed Workflow templates around 4 products in their Security suite; Control Compliance Suite (CCS), Critical Systems Protection (CSP), Data Loss Prevention (DLP), and Symantec Endpoint Protection (SEP). The templates add some proactive business processes around the already great products from Symantec. The templates are available to Symantec clients for free and WEVO can help you get them implemented if you don't have a Symantec Workflow expert on staff.

This week we're focusing on Symantec EndPoint Protection. Below we will be sharing information from Workflowswat.com to describe the features and functionality of the template. You can also access videos at www.workflowswat.com/process-templates.html.

SEP Event Management Template

This template provides a “Best Practice” process to assist customers with managing SEP endpoints.

The main features of this template are…

• Endpoint updates and scans. When Workflow discovers an endpoint that has an unresolved alert in SEPM, Workflow automatically runs the SEP virus update process on the endpoint and initiates a targeted scan. The results of the scan are sent to the SEP admin when complete.
• Routing Rules/Automatic assignment – A console has been created in Workflow that allows the SEP administrator to configure “Routing Rules”. These rules are then used to automatically assign SEP Alert, Host Integrity, or Old Definition tasks to the various groups responsible for remediating items that SEP discovers. Note – This process is only used when an item cannot be automatically remediated via automatic updates and scans.
• Audit reporting – Who, What, When. Customers can run process reports by Group, Virus Type, and Date Range. These reports can be provided to regulators and help avoid many of the challenges that can occur during an audit. Also, these reports add value by providing metrics for continuous process improvement.
• Customers can take the base template and extend it to integrate with other systems as needed.

This is the last post in the Symantec Security Enhanced by Workflow series. We'll keep you posted as new Workflow templates are developed by Symantec as well as other topics relating to Workflow and ServiceDesk 7.

Symantec Security Enhanced by Workflow - Part IV

The Symantec Workflow Business Practice has developed Workflow templates around 4 products in their Security suite; Control Compliance Suite (CCS), Critical Systems Protection (CSP), Data Loss Prevention (DLP), and Symantec Endpoint Protection (SEP). The templates add some proactive business processes around the already great products from Symantec. The templates are available to Symantec clients for free and WEVO can help you get them implemented if you don't have a Symantec Workflow expert on staff.

This week we're focusing on Data Loss Prevention. Below we will be sharing information from Workflowswat.com to describe the features and functionality of the template. You can also access videos at www.workflowswat.com/process-templates.html.

DLP Scan Remediation Template

This template provides a “Best Practice” process to assist customers with managing DLP “Data At Rest” Network and Endpoint scan results. The substantial benefit this process provides is the moving of the work from a centralized DLP admin group out into the Business Units. By distributing the work, the amount of time it takes to get an environment compliant will be significantly reduced.

The main features of this template are…

• Workflow automatically aggregates scan results by file owner. Workflow will send a link to an end user that will display a console with all of the files they own that are in breach of a DLP policy. This end user interface will allow the user to select files and take one of the three following actions…

1. Delete the file
2. Encrypt the file
3. Quarantine the file

• Audit reporting – Who, What, When. Customers can run process reports by DLP Policy, File Owner, and Date Range. These reports can be provided to regulators and help avoid many of the challenges that can occur during an audit. Also, these reports add value by providing metrics for continuous process improvement.
• Customers can take the base template and extend it to integrate with other systems as needed.

Next will the be last part of the Symantec Security Enhanced by Workflow series as we focus on the Symantec Endpoint Protection (SEP) template.

Symantec Security Enhanced by Workflow - Part III

The Symantec Workflow Business Practice has developed Workflow templates around 4 products in their Security suite; Control Compliance Suite (CCS), Critical Systems Protection (CSP), Data Loss Prevention (DLP), and Symantec Endpoint Protection (SEP). The templates add some proactive business processes around the already great products from Symantec. The templates are available to Symantec clients for free and WEVO can help you get them implemented if you don't have a Symantec Workflow expert on staff.

This week we're focusing on Critical System Protection. Below we will be sharing information from Workflowswat.com to describe the features and functionality of the template. You can also access videos at www.workflowswat.com/process-templates.html.

CSP Event Management Template

This template provides a “Best Practice” process for monitoring CSP events.

The main features of this template are…

• Using the Workflow console, the customer can select which CSP profiles they want Workflow to monitor.
• Workflow integrates with the CSP event data and starts a remediation process for each monitored CSP event.
• Audit reporting – Who, What, When. Customers can run process reports by Profile, Event, and Date Range. These reports can be provided to regulators and help avoid many of the challenges that can occur during an audit. Also, these reports add value by providing metrics for continuous process improvement.
• Customers can take the base template and extend it to integrate with other systems as needed.

Stay tuned, next week we'll be highlighting the Data Loss Prevention template!

Symantec Security Enhanced by Workflow - Part II

The Symantec Workflow Business Practice has developed Workflow templates around 4 products in their Security suite; Control Compliance Suite (CCS), Critical Systems Protection (CSP), Data Loss Prevention (DLP), and Symantec Endpoint Protection (SEP). The templates add some proactive business processes around the already great products from Symantec. The templates are available to Symantec clients for free and WEVO can help you get them implemented if you don't have a Symantec Workflow expert on staff.

This week we're focusing on CCS. Below we will be sharing information from Workflowswat.com to describe the features and functionality of the templates. You can also access videos at www.workflowswat.com/process-templates.html.

CCS RMS Security Baseline Template

This template provides a “Best Practice” process for monitoring and remediating changes to Critical Files and AD Groups. This template can also be setup to monitor other critical security items (Database Access, MS Exchange Distribution Lists, File Shares, etc.).

The main features of this template are…

• Workflow integrates with the CCS Risk Management System and starts a Workflow process when an RMS baseline query discovers changes in Active Directory or the File System. A task is created for the compliance group responsible for reviewing the baseline delta. The analyst will have the option to update the baseline with the newly discovered change or remediate the change.
• Audit reporting – Who, What, When. Customers can run process reports by RMS query and Date Range. These reports can be provided to regulators and help avoid many of the challenges that can occur during an audit. Also, these reports add value by providing metrics for continuous process improvement.
• Customers can take the base template and extend it to integrate with other systems as needed.

Stay tuned for the Critical System Protection, Data Loss Prevention, and Symantec EndPoint Protection templates in the coming weeks!

Symantec Security Enhanced by Workflow - Part I

The Symantec Workflow Business Practice has developed Workflow templates around 4 products in their Security suite; Control Compliance Suite (CCS), Critical Systems Protection (CSP), Data Loss Prevention (DLP), and Symantec Endpoint Protection (SEP). The templates add some proactive business processes around the already great products from Symantec. The templates are available to Symantec clients for free and WEVO can help you get them implemented if you don't have a Symantec Workflow expert on staff.

Over the next 4 weeks we'll be highlighting the templates for each product in this blog. This week we will be focusing on the CCS templates. Below we will be sharing information from Workflowswat.com to describe the features and functionality of the templates. You can also access videos at www.workflowswat.com/process-templates.html.

CCS Asset Check Remediation Template

This template provides a “Best Practice” process for customer’s to remediate failed asset checks. The main features of this template are…

• Workflow integrates with CCS and starts a Workflow process for each failed asset check. The process walks the compliance team through the review, testing, and production implementation steps to fix the failure.
• The ability to set a “Risk Score” threshold, which allows the customer to work on the highest risk checks first.
• The ability to set a maximum work item amount. This helps customers “throttle” the amount of check failures that the compliance staff receive. This is important during the first few months of the implementation as the number of failures that are discovered by CCS can be quite high.
• Audit reporting – Who, What, When. Customers can run process reports by Standard, Asset, Check, and Date Range. These reports can be provided to regulators and help avoid many of the challenges that can occur during an audit. Also, these reports add value by providing metrics for continuous process improvement.
• Customers can take the base template and extend it to integrate with other systems as needed.

These templates are the first to be released by Symantec. Stay tuned for the rest of this series in the coming weeks as well as new process templates from the Symantec Workflow Business Practice in the future!