National Weather Service Southern Region Saves up to 60 Hours on Compliance Audits with Netwrix Auditor
February 2017 by Marc Jacob
Netwrix Corporation announced that the National Weather Service Southern Region chose Netwrix Auditor to establish centralized control over its distributed IT environment and privileged users, enforce security policies, and comply with NIST 800-series requirements.
The National Weather Service has offices all over the United States. Each year, it collects around 76 billion observations and issues 1.5 million forecasts and 50,000 warnings in order to protect life and property and enhance the national economy. The National Weather Service Southern Region must operate 24/7 and stay compliant. To meet these challenges, the IT team needed to establish centralized control over the complex and distributed IT environment, which includes separate Active Directory domains and a large group of privileged users, comprising 24 local domain administrators and 6 enterprise-level administrators.
The monitoring solution the National Weather Service Southern Region previously had in place could not keep up with the growing number of security requirements. Therefore, the agency chose to switch to Netwrix Auditor, which has extensive security functionality to cover its existing and future needs. The agency has gained the following benefits:
Centralized control over the entire IT environment. The agency has many domain admins working in local offices, and it was easy to miss a potentially harmful action, such as elevation of privileges or an incorrect setting. Now, Netwrix Auditor alerts about illicit activity and enables the team to quickly investigate, troubleshoot and revert any unwanted change in Active Directory before any damage is done, ensuring system uptime and keeping the IT environment secure.
Faster and easier compliance with NIST 800-series. The IT team has regular data calls, both for spot checks and to respond to auditors’ requests. These checks are now less stressful thanks to Netwrix Auditor, since the IT team is able to quickly find any requested information. Plus, the solution’s predefined compliance reports save the team more than a week of work when preparing for a full annual audit.
“It is not an easy task to keep up with all the changes in an IT environment as distributed as ours. Yet Netwrix Auditor does the job in a very simple and efficient way. We use it for the most part to satisfy internal security controls and for audit purposes. Netwrix Auditor saves us about 40-60 hours on preparation for each audit and even more in our daily work,” said Jeff Williams, Systems Integration Branch Chief, National Weather Service Southern Region.
“The IT departments of government agencies often find themselves under a lot of pressure. On the one hand, they have to comply with regulatory requirements for cyber security with limited resources and budgets. On the other hand, they have to meet public expectations for quality service by ensuring system security and availability,” said Michael Fimin, CEO and co-founder of Netwrix. “No matter what the initial driver is, government agencies need visibility into the IT infrastructure to establish thorough control across the entire IT environment. Clear understanding what users are doing in the most critical IT systems facilitates detection and remediation of insider misuse, user errors and outside threats.”