As a security professional you deal in information that is sensitive and often must be kept private, restricted to only those who need to know. Despite this, many organizations rely on Excel to store this information and share it across the company. Excel is an excellent personal productivity tool, readily accessible to anyone in the enterprise, because of this there is a great temptation to use it for purposes beyond personal productivity. People respond well to the flexibility that Excel provides and find almost any other tool too rigid. However, security professionals know the importance of keeping sensitive data safe and the dangers of over-sharing. Intrinsic in the flexibility Excel is also the difficulty it presents in standardizing the way information is captured, stored, and reported. To overcome this, centralized management becomes necessary, because once the Excel formats are de-centralized, they can so easily be changed. Version control becomes an almost impossible task, and no one really knows if the data is the current version. The data can also be tampered with, without any audit of who did what changes, when.
For professional work where standardization is essential, a database is a much better solution. The information can be stored in an encrypted repository and access to it can be controlled automatically according to user's rights and privileges. Data capture using well designed pre-defined templates specific to the needs of security, ensures consistency and promotes accuracy. A pre-defined sharing model automatically alerts those who need to know when an event occurs that is of specific interest to them. Users are not overloaded with unnecessary alerts and don't need to search through spreadsheets to find highlights that are important to them.
Organizations have different strategies for security and investigations. Some are highly centralized; some are completely de-centralized. Most are a hybrid of these. The security organization often mirrors how the whole organization is structured and managed. However, it is increasingly becoming apparent to organizations that security needs to be a cross functional discipline, since it affects assets and information that is at the core of the company’s very existence. So, the key is collaboration. The secure sharing of sensitive information across functional boundaries must avoid compromising privacy and avoid putting the information at risk of tampering or fraud.
TeamMacro TERSM was designed by security professionals with collaboration as its core value. Information can be shared, albeit in a controlled way, and security planning, investigations and reporting can be a shared endeavor, whatever the underlying structure of the organization may be. Emails are used for managing the progress of security investigations, but the emails themselves contain no security information. There is a clear separation between the information collected, investigation documents and content, and the security-neutral information in alerts such as emails, used to manage the incidents to a conclusion. Documents are stored in the shared database and can be viewed at any time. However, they only need be extracted when it becomes necessary to share them with external parties, for instance, a police report. Excel can be used too, but it is primarily for reporting where users want to take advantage of the personal productivity it provides, and definitely not required for the sharing of sensitive information.
For more information and to request a demonstration from one of our security consultants, please contact us at info@teammacro.com