Maximizing ROI with Ecora's Auditor Pro
From Wiki
Maximizing ROI with Ecora’s Auditor Pro
Many companies approach technology compliance as an administrative headache. Ecora’s Auditor Professional delivers efficient and detailed IT audit reports to ease the pain. Once installed, it quickly solves the immediate issues that are difficult or unreliable to resolve manually for any large organization. The monetary benefit can be justified by the avoided fines or delays from lack of compliance. Spending even several hundred thousand is often easy to justify and the ROI is over.
The problem is that once the immediate danger is over or the deadlines are far away, compliance becomes less important and the costs appear out of proportion. With such mindset one tends to compare these costs against potential custom workarounds and hopes that just enough compliance will apiece auditors. As budgets tighten, it is easy to make the short-term decisions to abandon the efforts.
Clients need to look at IT compliance and change management holistically to generate long-term ROI. Benefits can far outpace the cost of software by delivering proactive problem resolution and disaster recovery. These efforts start from the CIO who needs to set strong and clear IT governance objectives. Auditor Professional can help proactively manage these, including both standard policies and custom requirements.
Five ways to get the most out of your Auditor Pro…
1) Automate Compliance Audits:
- Select from our comprehensive list of standard reports (e.g. HIPPA, SOX, ISO etc.).
- Test the reports against a small group of servers to ensure that settings match requirements.
If needed customize the reports to ad components (a.k.a. attributes) and conditions.
- Schedule the reports to run automatically with the desired frequency, but don’t do more than you need, as these tend to get large. (You can always run reports from old datasets that have been collected.)
- Automate when reports are distributed to your colleagues and management team.
2) Manage Against “Gold Standards”:
- Determine which machines or templates represent your “Gold Standard” (these can be multiple for workstations, Windows or UNIX servers, etc.).
- Structure your machines in groups to maximize the speed with which data is collected.
- Determine how frequently and who should review changes (typically can be done weekly).
- Configure Baseline Reports to compare differences and automate running and distribution.
- Proactively review these and request that any deviations are fixed by system owners.
3) Document Settings and Changes to Keep Systems Running
- Auditor Pro can deliver very detailed Configuration reports.
- Schedule periodic data collection of Configuration parameters.
- You can perform these collections weekly as they deliver a lot of data; for general disaster recovery this frequency will be probably sufficient (some clients perform this only monthly).
- If the need for Disaster Recovery comes or simply you need to investigate the settings at a particular time, you can run a Configuration Report and get the required details. (There is no need to store the actual reports, but it is possible and sometimes easier.)
4) Find Configuration Information Quickly
- Auditor Pro’s agentless architecture comes very handy for ad-hoc analysis.
- You can compare the configuration settings of any set of machines to determine differences that can cause a problem.
- You can use the powerful collection engine to gather any information (e.g. Registration in Windows).
- You can create complex queries straight in Auditor Pro and either collect or report based on them.
- You can output your data in multiple formats, such as Excel or csv for further analysis.
5) Proactively Manage Configuration Policies
- Auditor Pro delivers a set of standard policies that can support any major compliance requirement (e.g. HIPPA, SOX, ISO etc.)
- You can compare your configuration against these settings and display them in Ecora’s Control Center for interactive drilling and alerting.
- Your management team can look at the data and provide real-time feedback.
- You can send requests to your team members to address any errors or issues.
- Policies can be customized to include any configuration setting that need to be monitored proactively.
The Bottom Line…
Compliance and change management efforts, if executed properly, can deliver excellent ROI as illustrated on the table below. While Auditor Pro supports and automates some of these processes, we recognize that organizations have other complementary tools. Auditor Pro is built to seamlessly collaborate with such tools. For example our ITSM connector can populate large CMDBs that can leverage our powerful agentless collection and manage problem resolution workflow internally.
