Creating a Compliance Framework with Symantec products
I want to create this blog to start sharing ideas on how different customers of Symantec products are using them to create a compliance framework. I am going to explore the two main areas of my expertise, but would invite anyone using any other Symantec products to inject comments where appropriate.
The two products that I am going to focus on are as follows:
- Symantec Control and Compliance Suite Version 9 (CCS)
- Symantec Data Loss Prevention Version 9 (DLP)
I will be sharing as appropriate the road traveled for our compliance program.
The first mile on the compliance highway includes the following:
- Install and configure DLP discover to create an inventory of where sensitive data resides
- Install and configure CCS and run Center for Internet Security (CIS) baselines across relevant technologies in use
- Create seperate CCS Standards for each technology based on CIS
- Remove and modify CIS checks that do not apply to your environment
- Create a sign off on the standards from senior IT management
The second mile is being developed with lots of ideas coming to life. I will promise to keep this updated as new events transpire.
If there is any one topic that is touched upon that you would like more detail let me know.