With the Christmas season around the corner Karl Fischer, Automation Lead at Obsidian Systems reminds us that being responsible for compliance is not a ‘once a year event. Continuous tracking and observation and that determines whether you should be on the naughty or nice list!
If you feel like Santa has ever reneged on his promise…, we cannot promise you your number one IT wish, everything you’ve ever dreamed of never having to run an enormous annual audit on compliance again.
What we can help you with is to be able to ease the pressure of having to try to address your compliance retrospectively.
TACO is an acronym for Testing, Automation, Compliance, and Observability. It is a continuous security compliance auditing tool that provides your organisation with complete visibility through an integrated dashboard for your compliance and security needs.
#TACOTuesdays is when we coin the phrase ‘Continuous Compliance’.
The term continuous has been used in multiple contexts across the globe. For example, our education system saw the benefit of Continuous and Comprehensive Evaluation (CCE). CCE refers to the system of school-based evaluation thatt includes all aspects of development and learning.
This system refers to the regularity of more frequent testing, identification of learning gaps to allow for faster corrective measures, testing and self-evaluation. This has enabled students to work independently and at their own pace without getting penalised.
Building a continual cycle of improvement requires ongoing effort. In the 90’s the business process of improving products, services and operations exploded. CEOs around the world stopped looking for the ‘goose that laid the golden egg’, and were more interested in laying smaller and more frequent eggs!
Business is still reaping the rewards of the continuous improvement culture, actively engaging employees to participate in the betterment of the company to gain a sense of accomplishment and belonging, along with retention of staff.
Overall this culture also leads to better customer satisfaction of service and products.
Continuous Integration / Continuous Deployment
In the cyberworld of software development, Continuous Integration is the discipline of testing your code continually before releasing it into the build. Delivery or deployment refers to testing that code in the pre-production environment before it is finally released. The days of waiting for the completion of projects is officially over. Failing fast in order to improve and deliver at competitive rates to market is the key.
Even the world of accounting is catching up with the latest move of approach to managing cycles. The rigid period-end tasks and day-to-day activities lines are also becoming blurred to allow for a more strategic than tactical design.
Using TACO, we enable you to create the framework and methodology required to test your compliance levels in a unified manner. This innovative framework delivers an automated environment which can redefine how your organisation approaches security audits and related compliance measures.
TACO Elevates CIS Benchmarks by providing your organisation with a clearly-defined way to drive compliance. Of course, this framework is not a silver bullet, something that can be simply implemented and forgotten about. But it does provide you with the methodology you need to drive compliance in an automated manner throughout the business.
Because it is based around managing compliance on a development level, you can wite all your compliance code using TACO. The framework tests it to ensure your business ticks the boxes. Even better, you do not need to be a developer to do it. Its intuitive interface makes the process as user-friendly as possible.
Security, like so many other integral functions in the organisation, must be consistently provisioned and organic in its implementation. As the IT environment grows and leverages more innovative technology, your security audits must become more dynamic and adapt to requirements. Fortunately, TACO can speak to any security environment whether it is in the cloud or hosted on-premise on legacy infrastructure.
Our focus is on making your security audits seamless. We provide the checklist and you manage the remediation. TACO ensures best practices are enforced and eliminates the risk of security misconfigurations.
by Angela Ho