Why do I need to monitor inside the firewall? Isn't my intrusion detection system enough to secure my organization? Do I really need surveillance software?

These are the questions typically asked by information security managers, before they are faced with the inevitable: a successful hacker attempt, a client privacy violation, the deletion or copying of sensitive files. It is often after such events, in which the perpetrators were actually logged on to the network, that computer security officers realize they need more than just traditional security toolsets to do their job well. They need knowledge. The kind of knowledge that can only be provided by a world-class surveillance, auditing and forensics tool such as LT Auditor+.

If I monitored all the activity across my network, I would never get any other work done. It's just too much data to sort through.

You are right - trying to monitor and respond to everything is a common mistake made by security managers new to the auditing process. In fact, deciding what to monitor and receive alerts on is one of the most important choices you have to make, and Blue Lance consultants can help you with this process. LT Auditor+ is easy to configure, with powerful filtering capabilities that allow you to track just those events, files or users that are the most critical to your organization, so your job gets easier, not more difficult.

Why should auditing and forensics be a top priority? Shouldn't I be more concerned about preventing incidents rather than worrying about them after-the-fact?

As a matter of fact, auditing and forensics are key components of many top companies' defense strategies. These companies know that by proactively monitoring and auditing across their networks, they are often able to detect suspicious activity prior to the occurrence of a major attack. In addition, because LT Auditor+ gives you real-time access to detailed, easy-to-read audit trail reports, you can significantly reduce your investigation time, saving your company thousands of dollars per incident in losses or system down time. Finally, it is a well-known fact that criminals will return to the scene of a crime - often to commit another crime, if not apprehended. A comprehensive, secure audit trail is your key to defending against repeat offenders, because it is a necessary element for prosecution.

Don't I have enough technology already? Shouldn't my next step be to add people and policies to my information security program?
Absolutely. And what better way to start than with LT Auditor+. Studies have shown that when people are aware they are being monitored, such as with LT Auditor+, security incidents frequently decrease significantly. And with LT Auditor+, you can identify groups of people within your organization who frequently handle sensitive files, deploy security policies to monitor those assets, and be alerted to any password or policy changes that could potentially indicate a security threat.