How many systems will need to be monitored with FIM?
Which type of architecture will need to be deployed?
Which Operating Systems will require monitoring?
Does your environment leverage central configuration
management?
How will FIM alerts be evaluated?
Do FIM logs need to be sent to a centralized log repository?
Who will monitor and approve changes for FIM?
What reports should be developed and who should receive
these?
Is FIM required to meet regulatory or standards
requirements?
How will FIM be tuned and who will be responsible for
identifying new FIM signatures?
Will a SIEM solution be utilized within the environment?
Do you have any PCI DSS requirements?
Do you process, store, or forward credit card information?
Do you have a compliance need to test and verify the security of your systems?
How do you know if the security measures in place are working?
Can you verify that you will accurately know when file- or object-level changes occur on servers?
Do you have a regulatory mandate to maintain an audit trail
of who made changes to servers and what changes were made?
Do you have a manual or homegrown change reporting process today?
Do you know the overhead of managing this type of isolated system?