Case Study

Accenture Balances IT Security, Compliance, and Legal Requirements Internationally

A Global Company Balances the Priorities of IT Security, Compliance and International Law.

Accenture

Location: Bermuda

Clients: In nearly every major industry, in government and non-profit

Business: Management consulting, technology services and outsourcing

Business Units: 120 countries and 186,000 employees

Recipe for Success: Accenture collaborates with clients to help them become high-performance businesses and governments

Do you find security demands, audit requirements and legal deadlines giving you the squeeze?

Accenture, one of the largest management consulting, technology services and outsourcing companies in the world gets everything done on time using AVDS.

Introduction

Maintaining an effective network security posture internationally is a constant exercise in adaptation. Because threats are constantly evolving and budgets are finite, 100% regulatory compliance is extremely challenging.

The task of assessing, understanding and managing the overall security posture in near real time - and doing so in relation to evolving compliance requirements and threats - can be time consuming, expensive and complicated.

The Challenge

A real-time understanding of client's security posture is the goal for Chris Lewis. At any given time, Lewis is juggling two or three audits as part of his role as a Technical Security Manager for Accenture. In this role, he manages security, compliance and Federal, state and internal audits for clients in the healthcare and other fields.

The networks he manages are very large, containing thousands of end-points including servers, workstations, network devices and IP phones.

As a technical security manager, Chris Lewis anticipates security issues that may disrupt client business operations by:

  • Prioritizing corrective action depending on the seriousness of the threat and the importance of the asset threatened.
  • Establishing and reporting on compliance with internal policies and external regulations.
  • Managing the often conflicting priorities of IT security, compliance, and legal departments.
  • Remediating security incidents and events quickly and accurately with policies that ensure policy compliance while minimizing business disruptions.

Identifying, monitoring, and understanding security alerts, and taking the time to manually audit security and configuration settings, can be time consuming and difficult in large, distributed deployments.

The Solution

By installing the AVDS appliance-based solution, Accenture got a real-time view of the network security topography of each client and can clearly demonstrate compliance with emerging global IT security standards and integrity legislation.

AVDS conducts automated vulnerability scans on periodic basis according to a pre-set schedule or on ad-hoc basis. From these reports, vulnerability trends can be identified for entire organizations, local networks or down to the level of single IP address.

AVDS also reports contain simple and applicable solutions to problems found. This in depth information shows how to fix and improve the security of your network, both as whole and for each of the devices in it. The solutions can be used globally and will prevent future vulnerabilities from occurring. The recommended solutions include device specific information as well as custom tailored solutions for your environment.

By deplying AVDS, Accenture was able to:

  • Strengthen current network security processes and procedures to protect against attacks from both external and internal threats.
  • Deploy new security solutions that go beyond core-level technology to span the entire network.
  • Respond more rapidly to changing client requirements driven by organizational changes, access, permissions and constantly changing operational procedures.
  • Comply with new security policies that mandate IT upgrades.
  • Perform routine vulnerability assessments of their network, not relying upon once-a-year penetration tests.

The objective is solid information - a regular scan of network vulnerabilities with a method for prioritizing alarms, automating security auditing, and consolidating the information required to meet reporting and regulatory requirements.

The Story

"Because of the complexity and volume of all the audits our client undergoes, we needed a way be proactive and stay one step ahead of the game, to regularly scan their network in advance of the external auditors," said Lewis. "There are plenty of tools out there that will provide a scan of vulnerabilities. What we needed was a tool that could prioritize alarms, automate security auditing, and consolidate the information required to meet reporting and regulatory requirements."

About AVDS

Beyond Security's AVDS performs a security mapping of each client's network and simulates attacks originating from both inside and outside the network. Once mapping of all devices, ports and services is complete, AVDS generates a detailed vulnerability report specifying any security weaknesses, along with detailing the best practice solutions to those vulnerabilities.

The engine is updated on a regular basis to stay abreast with the most recent security vulnerabilities. The updates include security vulnerabilities that were discovered by the company's own research and development team, as well as those discovered elsewhere.

Click For More Info - Or A Free AVDS Eval

Mehr Informationen

Beyond Security

ist ein zugelassener Scanning-Anbieter für die Payment Card Industry (PCI).

Testen von Webanwendungen

Entdecken Sie Sicherheitsprobleme im Zusammenhang mit Webanwendungen, Websites und den zugehörigen Anlagen und Datenbanken.