Inside the minds of
Swiss IT security professionals
ManageEngine conducted an IT seminar in Geneva, Switzerland, in June 2023 and the following inferences are based on the information shared by IT security professionals, decision makers, and C-level executives who participated in the event.
Is MFA implemented across Swiss organizations? Are you aware of MFA fatigue attacks?
We have implemented MFA in most of our organizations, but we're not sure what MFA fatigue attacks are.
ManageEngine Log360 is a unified SIEM solution with DLP and CASB capabilities to cater to all the security needs of an organization.
Why is it important to implement MFA across your organizations?
Implementing MFA helps mitigate the impact of password-related attacks. Even if passwords are compromised, an additional authentication factor is required to gain access, making it significantly harder for attackers to breach systems.
What are MFA fatigue attacks and how to prevent them?
MFA fatigue attacks occur when users bypass or disable MFA due to the frustration of receiving incessant notifications. To prevent such attacks, simplify the user experience, use adaptive authentication, educate users about the importance of MFA, and implement contextual access policies.
Do you get real-time notifications about the changes made to AD environments?
Mostly. But, it's not always real-time.
ManageEngine Log360 can perform real-time AD auditing and provide actionable analytics to minimize security risks.
Why should you track AD changes in real-time?
Real-time AD change monitoring is essential for immediate threat detection, ensuring system stability, and maintaining compliance.
How to incorporate real-time AD change monitoring in your infrastructure?
To ensure comprehensive logging and recording of all changes, the initial step involves enabling auditing in AD. By utilizing a specialized change monitoring tool such as a SIEM tool, organizations can capture AD changes in detail and gain valuable insights to identify and address anomalies effectively.
For Azure AD, AWS, and other cloud services, do you track and detect malicious logons?
We do, but we can't be 100% sure. We partially track changes made to cloud platforms.
ManageEngine Log360 can track cloud logons and audit cloud platforms.
Why should organizations track cloud logons?
Tracking cloud logons is crucial for organizations to enable monitoring and identifying potential unauthorized access attempts or suspicious activities, enhancing overall security and preventing data breaches.
Why is partially tracking cloud logons insufficient?
Partially tracking cloud logons leaves blind spots in the monitoring process, making it difficult to detect and respond to unauthorized access attempts. Without comprehensive tracking, organizations may miss critical security events and compromise the overall integrity of their cloud environment.
How easy is it to generate an exhaustive compliance report?
It's mostly hard. We can't be sure if we've covered everything.
ManageEngine Log360 can help you with compliance management with 150+ canned audit reports and a custom compliance builder.
What to do to achieve compliance?
Adhering to an IT regulation doesn't happen overnight. SIEM solutions can help you demystify IT regulations and collate reports that will help you comply with specific regulations of an IT mandate.
What to consider before committing to a compliance tool?
The tool needs to be robust and flexible. If there's an IT regulation that comes up specifically for the industry or location of your organization, the solution should let you build custom compliance reports.
Do you think your SIEM tools are expensive?
"Well, SIEM solutions are quite expensive. We wish they were priced reasonably.
ManageEngine Log360 performs security monitoring, risk management, attack detection, contextual remediation and more to strengthen the security posture of organizations.
Why turning to SIEM for security monitoring is beneficial in the long run
Utilizing a SIEM system for security monitoring can help with extensive threat detection, rapid incident response, compliance assistance, scalability, and long-term cost savings.
What to consider before investing in a SIEM tool
Choosing the right licensing model for SIEM solutions is crucial to align with an organization's infrastructure, while scalability is also a key consideration. Opting for plug-and-play SIEM solutions, with customizable modules, enables cost-effective security investments.