Monitoring for the Asset Management Data Domain in the Military

Continuous Monitoring for the Asset Management Data Domain in the Military

 

Special Requirements

 

The management of risks of data and risks is appropriate in promoting asset management among the military organizations. There are special requirements necessary to implement the security of the IT climate and the effectiveness of controls for improved continuous monitoring programs. Some of the special requirements include effective risk management approach. The continuous monitoring program must have improved risk management approaches. Such actions help in maintaining the security procedure and transparency of the data and information. Secondly, the continuous monitoring programs should be characterized by effective technological systems. The technology architecture combines the relevant solution necessary for improved visibility.  It is also important for the process to attract multiple vendors. The presence of multiple vendors is useful in promoting better visibility and security activities for the overall success and performance.

Major Perspectives

There are two major perspectives that can explain the application of continuous monitoring. One of the perspectives is the varied continuous monitoring approach that seeks to handle the dynamic tools and processes. The overall strategies of continuous monitoring understand the nature of the changing environment.  The perspective is appropriate in handling the changes in the security basics of the continuous monitoring program. In addition, different agencies have different capabilities and resources towards meeting the size and the organization mission. The second perspective is scoring model of continuous monitoring processes. The scoring perspective helps in ensuring that all resources are used consistently to meet the requirements of the programs.

Lessons Learned

I was able to learn two major lessons relating to improved continuous monitoring programs. First, I learned that the military organization would need to seek out help from the private sector. The private sector has the ability to deliver quality and efficient asset management programs. The private sector offers market driven solutions that leads to increased costs savings and improved performance. Most important, I learned the systems must be the FISMA implementation requirements, standards, and processes (Jansen & Grance, 2011). The private sector helps in the formation of contractual agreements necessary for promoting software solutions. Second, I learned that the military organization needs relevant reevaluation of their reauthorization process. The continuous monitoring programs for asset management require a long-term strategy on the implementation of reauthorization programs. The agencies must develop appropriate strategies for its information systems with updated security controls.

Key Challenges and Solutions of Continuous Monitoring

There are various key challenges that affect the implementation of continuous monitoring of sensitive data and information in the military. First, political factors and the different schools of through affects continuous monitoring. The interpretation of continuous monitoring needs to accelerate monitoring efforts. Thus, every military requires the satisfaction of the benefits of complying with the certification and accreditation of NIST requirements (Zhang, Wuwong, Li, & Zhang, 2010). The reporting also faces the challenge of paper- based, unreliable manual systems, which is very expensive. It is also a challenge to meet the technical and procedural controls put up in place by Consensus Audit Guidelines (CAG).

Secondly, the military continuous monitoring programs face technical and organizational challenges. The interaction of government agencies with civilians’ agencies for promoting asset management is crucial. Thus, the process faces the challenges to take advantage of the tools and integrating the technical of the different organizations. The technical abilities of the different organizations must be integrated to promote effective continuous monitoring work (Pandey, Voorsluys, Niu, Khandoker, & Buyya, 2012). The challenges can be solved by effective integration of the different technical capabilities creating a culture of teamwork and process. Another potential challenge is the complexity and false sense of security among the different agencies. In the fulfillment of NIST 800-53 as in the article requires technical controls. The complexity of the security systems creates actual risks to continuous monitoring process. To handle the complexity nature of data security, the implementation of security and information even management programs is us

References

 

Jansen, W., & Grance, T. (2011). Guidelines on security and privacy in public cloud computing. NIST special publication, 800, 144.

Pandey, S., Voorsluys, W., Niu, S., Khandoker, A., & Buyya, R. (2012). An autonomic cloud environment for hosting ECG data analysis services. Future Generation Computer Systems, 28(1), 147-154.

Zhang, X., Wuwong, N., Li, H., & Zhang, X. (2010, June). Information security risk management framework for the cloud computing environments. In Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on (pp. 1328-1334). IEEE.