Securing, maintaining, monitoring and controlling a computer system is a difficult task, especially in an enterprise. System administrators who must constantly secure, maintain, monitor and control systems may be overwhelmed.
Securing computer systems is difficult because of internal and external threats. Internal threats are the greatest danger to computer system security. It is estimated that eighty percent of security problems have internal causes. Internal causes may be many and varied. For example, disgruntled employees can wreak havoc on computer systems. Security problems do not have to be caused by intentional acts, either. Careless employees can destroy systems.
The remaining twenty percent of security problems have external causes. These external problems may be many and varied as well; for example, hackers and viruses constitute an all-too-real threat to computer systems.
Maintaining computer systems is difficult because of the complicated and intertwined nature of computer systems. Multiple platforms, lack of standardization among vendors, frequent conflicts among software, maintaining updates, etc. can cause all sorts of difficulties for computer system maintenance.
Securing, maintaining, monitoring and controlling computer systems is complicated by the difficulty of tracking any system problems. A system administrator may simply be unable to locate the problem because of the complicated and intertwined nature of modern computer systems. Finding an internal security threat, such as a malicious employee who uses another employee's machine to corrupt the system or network, may be impossible.
Security threats are constantly changing. New security vulnerabilities are constantly being discovered in system software. New viruses are constantly being written and released. Systems can usually be protected against newly discovered vulnerabilities and viruses only after the vulnerability or virus is recognized. It is sometimes possible to guard against vulnerabilities or viruses by attempting to recognize threatening characteristics, such as telltale behavior, code sequences and the like. However, this type of detection (usually referred to as “heuristics detection”) is limited and not always accurate. Thus, frequent updates of security mechanisms, such as installing system patches, updating virus definitions regularly, etc., are necessary.
There are various tools in the prior art that attempt to secure, maintain, monitor and control systems. These tools suffer from many deficiencies. First, they are usually not designed to perform all the functions of securing, maintaining, monitoring and controlling systems. Thus the user must obtain and install a number of tools for each function. Next, the tools may themselves bring their own set of security, maintenance, etc. problems to the system, as might be the case when an antivirus program conflicts with a system monitoring program. Moreover, maintaining the tools themselves can become a separate system chore, as the tools must constantly be updated to deal with newly discovered security threats.
The majority of system protection and maintenance tools also lack platform independence. That is, they are usually designed to interface with one particular platform or operating system. Because each tool is limited to a particular operating system, protection on different platforms, such as might occur in an enterprise with UNIX, Windows, and mainframe platforms, may become very complicated.
Storage media is also subject to corruption. For example, hard drives may be corrupted. Accordingly, it would be helpful to have a tool providing for simple and effective securing, maintaining, monitoring and controlling of storage media.
Accordingly, it is an object of the present invention to provide methods, apparatus and articles of manufacture that secure, maintain, monitor and control computer systems and storage media.
It is a further object of the present invention to provide methods, apparatus and articles of manufacture that secure, maintain, monitor and control computer systems and storage media without needing frequent updates.
It is a further object of the present invention to provide methods, apparatus and articles of manufacture that secure, maintain, monitor and control computer systems and storage media across a variety of platforms.