Technology management for companies is about sustaining and improving a company’s competitiveness in the long-term. The aim of Technology Management is to sustain and improve the competitive position of a company’s technology exploitation. The management of technology should comprise three major factors: leadership, motivation of employees and appropriate management of technology (Li-Hua R, K halli T, 2006). The goal of Technology Management is to create a synergy among all the factors (i.e. research, development, planning, engineering, machines, software, production, and communication) to make them work together in the most efficient way to produce profit for the company in the long-term. Companies are under constant pressure to be innovative, to introduce new products and services to create difference in the market, and to make process innovations to improve their business performance (Schilling M.A, 2008). Rapid changes in the business environment and global competition forces companies to understand the business opportunities and risks of new technologies, and how important technological innovations are for industrial competitiveness (Mogee, 1993). Technological innovations can involve changes in products and services or changes in the ways of operating (i.e. process innovation) (Tidd J, Bessant J, Pavitt K, 1997). The aim of this study is to identify the common perception of Technology Management functions in IT companies, which elements are the most critical for them, and where the biggest development needs are in practice. The study was realised qualitatively in ten IT companies in Bangalore. The results show many similar characteristics in the IT companies, such as the nature of the technology strategy, the mode of co-operation in technology development, or the ways of acquiring technologies. However, differences were also identified mainly in the companies’ business models and company size.
None of the functions of Technology Management (Technology Management), were evaluated as the most important by the IT companies. However, certain functions of Technology Management were highly appreciated and are mostly related to the engineering activities, such as product development, technology development, information and knowledge management, life cycle management, and production process management.
Indian IT companies have been well known for their services and product development related capability, but there are shortcomings in the strategic and business management levels. Thus we decided to collect knowledge about the current state of Technology Management in IT companies. Before analysing the practices, we outline the functions of technology management according to the current literature. After that, we examine these functions in practice and identify the areas for development and importance of those.
Archive for the Category ◊ institute of technology ◊
Event Log, Audit Log and Syslog messages have always been a good source of troubleshooting and diagnostic information, but the need to back up audit trail files to a centralized log server is now a mandatory component of many governance standards. Contemporary, SIEM solutions need to be
? flexible enough to cater for all devices, operating systems, platforms, databases and application
? sufficiently scalable to cope with thousands of devices generating millions of events
? intelligent, correlating events and identifying true security incidents only so resources can focus on genuine threats and attacks.
This is an introductory ‘Top Ten of Audit Trail and Event Log Monitoring’.
1. Security Standards and Corporate Governance Compliance Policies such as PCI DSS and GCSx CoCo require logging mechanisms and the ability to track user activities as they are critical in preventing, detecting, or minimizing the impact of a data compromise. Other policies such as FISMA, Sarbanes Oxley, NERC CIP, ISO 27000 and HIPAA all benefit from a means of centralizing audit log events to identify security incidents.
2. The state of the art in Audit Log Correlation technology provides automated configuration assessment, proactively testing and assessing a server environment against preconfigured, out-of-the-box policies, helping to enable a minimal deployment window. The best solutions leverage industry standards, specifically benchmarks from the Center for Internet Security (CIS), the National Institute of Standards and Technology (NIST), and the Defense Information Systems Agency (DISA). These benchmarks include thousands of configuration assessments enabling automatic sustainable policy compliance testing for FISMA.
3. Security standards such as PCI DSS and GCSx CoCo mandate the need to track and monitor all access to network resources and cardholder data Logging mechanisms and the ability to track user activities. The presence of logs in all environments allows thorough tracking and analysis if something does go wrong. Determining the cause of a compromise is very difficult without system activity logs. A central event log analyzer is the best option to use.
4. It is vital that your system for centralizing audit log trails is robust and comprehensive. PCI DSS requires your audit trail history is retained for at least one year with at least 3 months history available for immediate access. The best audit-log tracking software solutions provide real-time indexing of logs with instant keyword search and correlation facilities.
5. While Unix and Linux hosts can forward audit trail and system events using syslog, Windows servers do not have an in-built mechanism for forwarding Windows Events and it is necessary to use an agent to convert Windows Event Logs to syslog. The Windows Events can then be collected centrally using your audit log server. Similarly, applications using Oracle or SQL Server or bespoke or non-standard applications do not use syslog to forward events and it is necessary to use an agent to forward events from these applications. Finally, if you are using an IBM z/OS mainframe or AS/400 system you will need further agent technology to centralize event and audit log messages.
6. Audit trail history must be securely stored in order to prevent retrospective editing or any tampering. The PCI DSS requires that audit trails are promptly backed up to a centralized log server or media that is difficult to alter. The best centralized log server solutions employ file-integrity monitoring for the log backup files so that any modifications can be detected and alerted.
7. Firewalls (Checkpoint, McAfee Sidewinder, Juniper, Netscreen, Cisco ASA, Nokia, Intrusion Protection System (IPS), Intrusion Detection Systems (IDS), routers and RADIUS accounting and authorization services, vulnerability scanning solutions such as Retine eEye, Nessus and other Pen Testing solutions, wireless routers, switches all natively generate syslog messages to report a range of events from the low-level informational logs through to critical events.
8. Syslog messages are defined in RFC 3164 and is officially known as the BSD Syslog Protocol. Syslog messages are sent using UDP on port 514 by default although different ports can be used. Syslog messages use a range of Facility Codes and Severity Codes. The Facility Codes range from 0 to 23 and determine the message type. The Severity Codes range from 0 to 7 as follows:
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
9. The Security Incident and Event Management or SIEM market as defined by Gartner covers the advanced generation of solutions that not only harvest audit logs and provide centralized log server functions but parse event log messages and analyze event logs as they are stored. This allows event logs to be correlated to identify hacker activity and attack patterns and notify IT security teams. The best SIEM systems employ a range of artificial intelligence capabilities to recognize threat signatures by cross-referencing events from IPS, IDS and RADIUS systems, Anti-Virus, Host Integrity Monitoring systems, File Integrity Monitoring software, Firewalls, Active Directory and watching for classic hacker activity such as deletion of log files and “brute force” hacks where repeated/sequential logon failures or bad password events will be generated.
10. The goal for any SIEM solution is to provide comprehensive log harvesting, automatically filter out all ‘information only’ or ‘normal operation’ events while placing a spotlight on a manageable list of genuine, serious attack patterns or security incidents. Even a medium sized enterprise can have thousands or hundreds of thousands of events generated by devices in their infrastructure so a properly implemented SIEM system is invaluable.
dissertation writing service offers something unique for an undergraduate dissertation, PhD, Master’s thesis research is also editing and even writing in which we help you in all phases of dissertation research is the process of writing with a variety of things such as research design and methodology as well as developing and literature studies etc. even if you choose our services may give results that will satisfy you.
Even a format of a dissertation in the papers you have to get agreement from your professor which includes various features such as spacing, margins, page numbering etc. where production methods are part of a very important format of the content in which a table of contents, writing language and others where the format of this PhD dissertation is a specific requirement even your dissertation must be registered.
Also we as a service to academic writers looking for someone who has talent even professional writers even a strong desire work discipline even high and have the best quality this might be challenged is new to you so if you join us and become one of the authors then you will gain valuable experiences also you will get a decent income even meet the various needs you to do so do not delay when you join the air is with our service that will make your career rise.