IBM is using technology from recently acquired Consul in new software designed to help businesses meet security and compliance guidelines.
The new IBM Tivoli Compliance Insight Manager allows companies to track, report and investigate non-compliant behavior across their enterprise. The software monitors user behavior in comparison to corporate policies, automatically providing alerts when data or systems are inappropriately accessed, or if security policies have been violated.
"We see the solution as being an audit lens. It gives you a very strong view," said Marc van Zadelhoff, IBMs program director of business development for Tivoli.
Compliance with industry and federal regulations remains heavy on the minds of IT professionals. Research by analyst firm Gartner, of Stamford, Conn., has predicted that, through 2011, companies pursuing a risk-oriented approach to compliance, standardization of controls and automation will reduce the scope of manual process controls by 70 percent and will get the most collateral business value from their compliance investments.
Additional research by Gartner predicted that through 2010, companies that select individual tools for each regulatory challenge they face will spend ten times more on the IT portion of compliance projects than companies that take a proactive and more-integrated approach.
Due out July 6, IBM Tivoli Compliance Insight Manager expands on the capabilities of Consul InSight, the flagship software suite of Consul, which IBM acquired in January.
With the new software, users can create compliance management modules through policy and report definition engines to help meet compliance requirements. In addition, users can create audit reports and translate all the data collected in the repository into a common format, van Zadelhoff said. It also features automated log collection, a compliance dashboard and report distribution. It supports numerous operating systems as well.
Van Zadelhoff added that the software separates itself from rival offerings by focusing on more than just syslogs.
"The log files dont have the level of detail our customers require," he said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.