Laying Down the Security Policy Law

McLean Report: Research Note

Published: March 13, 2007


Policy enforcement is the process of ensuring that the enterprise's security policy is followed. It is targeted at the people and associated processes of the enterprise, not its technology. However, technology is a component of enforcement – technical controls are needed to support these processes. Make the corporate security policy enforceable by putting both process and controls in place.

Technical Controls

Without awareness of employee activities, the actions required to enforce the corporate security policy cannot be taken. This awareness is primarily gained through the use of audit and logging tools.

Generic or native logging functions, such as syslog for server monitoring and Active Directory for user monitoring, provide the minimum required capabilities, but the monitoring and reporting functionality of these tools is limited.

To provide enhanced user monitoring capabilities, solutions such as Identity and Access Management (IAM) are needed. IAM actively monitors user activity by tracking access to devices and files, recording who does what. IAM solutions are not for everyone due to both temporal...

This article is available in full to members of McLean Report.