ELEMENTAL ADAPTIVE SECURITY PLATFORM
Align Enterprise Cyber Security with Business Objectives
Elemental has developed the first functionally integrated solution that lets security administrators meet their broad-based security objectives in dynamic, real-world enterprise environments. It provides an unprecedented view into the network, including an up-to-the-moment security posture of every machine. Using this highly detailed view, Elemental's solution enables security professionals to achieve their business goals by quickly translating high-level security policies into the desired security states on each and every affected machine on the network.
It allows security professionals to measure, monitor, and enforce their desired security states, while also providing full reporting capabilities. As a result, enterprises can for the first time obtain meaningful metrics, measurably improve their security, and satisfy compliance requirements using a single product: the Elemental Security Platform (ESP).
The Elemental Security Platform is the first and only SaaS solution that combines the key capabilities essential for drastically reduce cyber security breach TTD – time to detection, effective security policy and risk management. Only through this type of comprehensive approach – which seamlessly integrates these key capabilities in a single product can organizations quickly and cost-effectively assure continued alignment between their business goals and their security operations.
The ESP Agent Based Platform
ESP is an integrated solution with easy to deploy sensors in the form of "active" software agents. These Elemental agents actively monitor and enforce security controls on a per system (per host) or per hosts group basis. Typical agent data monitored, collected and assimilated is: vulnerability, compliance, malware, exploit and configuration data. The ECSP platform uses this data to:
- Prioritize remediation
- Perform automated asset discovery
- Identify and block potential threats
- Provide real time compliance and audit reports
The ESP solution provides continuous security to organizations of all sizes with a global view of their security and compliance solutions, while reducing total cost of ownership far beyond what today’s point solutions can deliver. Immediately following today’s current agent data is evidence data for forensic analysis.
The Security Policy Implementation Gap
In a world where information has become too important to risk, IT professionals are increasingly assuming the role of risk managers. They must meet business needs while doing the best possible job of protecting their networks—because the loss or compromise of critical data or any interruption to communications can bring business to a screeching halt. In addition, they must protect the organization itself from risks associated with failing to maintain full regulatory compliance.
Whether it’s ensuring business continuity, better defending their critical assets, or becoming SOX or HIPAA compliant, security professionals readily understand these business-based IT goals. Their challenge lies in translating these broadly defined objectives into actual security states on the thousands of elements that comprise their networks.
The constantly changing environment of today’s enterprise networks compounds the problem. At any given time, administrators find it hard to know the true state of the countless individual machines and systems that are connected to their networks—and they can’t manage what they don’t know.
What if they could somehow achieve full knowledge regarding the state and activity of all these elements? Keeping track of the myriad changes, and manually checking and rechecking that the right security policies are on the right systems at the right time can introduce errors and is prohibitively time and resource intensive.
The security industry has responded to this dilemma by introducing a dizzying array of products designed to link business-based IT objectives with measurable results. However, these offerings have all targeted very narrow aspects of this enormous challenge. This siloed approach has driven administrators to attempt to manage security policies through organizational integrations and costly and resource-intensive manual workarounds. The result is a policy implementation gap that leaves most organizations exposed to significant risks.
Closing the Security Policy Gap
Any organization is only as secure as the degree to which it has achieved compliance with well-developed and comprehensive security policies (controls).
ESP offers a robust security policy library with several thousands of rules (security controls) and editable templates, which Elemental has derived from NSA, DISA, CIS, Microsoft, Oracle and other sources for best practices for general computing security, as well as for HIPAA, SOX, PCI and other government regulations and industry standards.
Administrators can select policies from this library to assess and implement the desired security state on all affected systems on their network, and get results within minutes.
Elemental reduces security threats and risks of non-compliance by making it easy to translate business objectives into well-developed policies, and express these across the network. A well-developed security policy is rooted in best practices, and:
- Takes into account business/organizational goals as well as the technical environment
- It allows for exceptions and is flexible enough to reflect business realities
- Provides a consistent set of metrics that support continued improvement in security process and practices
- Supports hierarchical expression of policies, i.e. enables a high-level overview supported by a detailed drill-down
- Is consistently implemented across computing platforms and organizational boundaries
While security professionals understand the business goals and realities that define the right policies, in a changing environment they find it hard to know the true state of the network. More than half the elements in a typical network are changing every year, people are revolving in and out of the organization at a rapid rate, and rogue machines, outsourcing, and consultants constantly inject unknown risks.
Elemental solves this problem by making every machine on the network transparent to security administrators. The unique Elemental solution comprises a software-based, agent/server architecture. An integrated policy-based packet filter delivers a complete and continuous assessment of traffic generated by all machines on the network and works across platforms to implement policies. This awareness of network elements enables administrators to:
- Automatically configure machines in accordance with regulatory requirements and security best practices
- Restrict the ability of unauthorized or non-compliant machines to harm critical resources
- Assure that only approved hardware and software have access to key systems
- Discover and contain new machines coming on the network
This unprecedented pervasive visibility also makes it possible to create and implement security controls in a way that takes into account the business, organizational, and operational context of each system. In addition, the Elemental solution expresses security policies across all parts of the computing environment, automatically implementing them on all hosts. It also continuously monitors host machines, optionally controlling access based on their compliance with assigned policies.
Ensuring security and compliance isn't limited to machines managed by the Elemental system; each host also monitors the activity of unknown machines on the network. This surveillance capability quickly identifies non-compliant machines and leaves rogue machines with no place to hide.
Network Segmentation & Group Dynamics
Only the Elemental solution provides the automation necessary to keep up with the rapidly changing environment and real-world business context of enterprise networks. A key aspect of this automation is dynamically grouping machines (hosts) based on common characteristics, such as networking behavior, configuration, registry settings, running processes, and hardware or software inventory.
The ESP makes it simple to define groups of systems (hosts) enabling logical segmentation of network computing resources. As new systems or users connect or as new applications come online, each security policy is applied to all the hosts and users in a defined group. As the activity of individual hosts changes, group membership also changes automatically, and the correct policies are applied accordingly.
For example, an administrator can specify a general policy such as "Only members of the finance department using computers that comply with Sarbanes-Oxley (SOX) can access the finance database" and the system dynamically updates network access rules based on user group membership, machine configuration, and SOX compliance levels.
Meeting Business Needs for Auditable Compliance
With audit requirements increasing through governmental regulation as well as internal security policies, ensuring security compliance has never been a higher priority. The Elemental Cloud Security Platform helps save both time and money by reducing the frequency of internal audits, by decreasing the effort of measuring and demonstrating compliance with internal and external audit and regulatory requirements.
Designed to ensure the efficacy of controls, Section 404 of the Sarbanes-Oxley Act has created many demands on IT departments. Meeting the requirements for controls around networks and computers involves providing evidence that documented security controls are implemented and monitored. The Elemental Cloud Security Platform provides detailed reporting that supports a comprehensive policy framework to ensure system security, manage the configuration of all computers on the network, and monitor compliance.
Similarly, the Gramm-Leach-Bliley Act, PCI and HIPAA all include provisions to protect consumers' personal data. As a result, all require compliance with security standards that include administrative and technical safeguards. Elemental helps provide the breadth of required controls to ensure the availability, confidentiality and integrity of protected consumer data.
"More than half of the thousands of elements in a typical network are changing every year, people are revolving in and out of the organization at a rapid rate, and rogue machines, outsourcing and consultants constantly inject unknown risks."