IT security support process streamlined using Radar

# Case study
February 21, 2023

Radar was used to achieve transparency in the process of ensuring IT-security and data privacy. Thanks to Radar, customers have begun to focus on the most important security aspects, and the taken measures have become more effective.

Challenge

Due to the deteriorating geopolitical situation, attention to security issues in the IT sphere has increased. A data protection and information security consulting company was looking for a tool to help its clients:

  • to track the current situation on the client’s side, receive information about new security incidents, collect information for internal audit;
  • to provide data for external audit promptly and ensure transparency of work in the field of security with partners and stakeholders;
  • to manage the process of working on tasks (fixing technical errors, introducing new processes, using new tools), appoint responsible persons and quickly monitor the status of work;
  • to collect information for root cause analysis of occured incidents.

Solution

The implemented solution consisted of several parts. First of all, it was necessary to install the Radar in the local network of the consulting company. As an alternative, the customer has been proposed to subscribe to Cloud Radar service - this would be a more lightweight solution, but it wouldn't allow customers to act as Radar administrators of their clients. Customer has preferred to have full control over their clients' workspaces and ordered a separate on-premise installation.

Process of Radar integration has been proposed to the cusomer:

  • The consulting company creates independent workspaces for it’s clients;
  • Administrator of the company invites representatives of it’s clients, who should participate in the incident tracking process, to the Radar workspace;
  • Invited participants subscribe to notifications on red statuses;
  • All incidents are entered by the clients into their Radar workspaces or imported daily from Excel tables;
  • Key information about incidents is filled in: priority, type, etc.;
  • A responsible person is assigned to the incident and observers sign on it;
  • The status of the incident is promptly updated by the responsible person, all interested participants receive notifications.

For each client of the consulting company, a Radar report was set up to display an overview of the state on the client's side: urgent incidents are placed in the center of the radar chart; non-urgent - along the edges of the radar chart. The colors of the projects on the radar allow users to intuitively understand the status of problem resolution and focus on the most critical issues.

Additional measures

In order to keep an eye on global trends in information security, as well as to keep abreast of the latest discovered software vulnerabilities and security patches, a process for assessing compliance with digitalization and information security trends was established: trends, measures and events are entered into the system, then clients are evaluated according to the selected parameters.

Impact

In order for the consulting company to be able to manage the workspaces of its clients, the Radar team has finalized the Admin console. Now managing subscriptions has become even easier and more convenient.
According to the customer's feedback, the following goals were achieved by joint efforts:

  • Critical data is protected.
  • Identified security loopholes are tracked, corresponding patches are in a timely manner installed.
  • New security policies are in a timely manner applied.
  • The effectiveness of security strategies is tracked.

Featured articles