Wouldn’t you want your security team notified immediately when vulnerabilities like heartbleed are disclosed?
In the unfortunate event of a vulnerability, security breach, or disaster, notifying the appropriate persons in a quick and efficient manner can mean a faster recovery, or at the least, damage control. Emergency/Mass Notification Systems (EMNS) can sidestep email, a slower and sometimes unreliable method, in order to deliver a message to a cell phone. This cannot be achieved unless contact information is up to date. Therefore, continual or scheduled data validation is a crucial process, as more businesses move their critical data to cloud storage and the risk environment continues to change.
Topics Include:
I. Enable the Data Certification plugin
The Data certification module initiates a process workflow that will send an email to a user who is expected to validate the information. This scheduled data validation allows managers to feel comfortable that threats will be assigned and escalated quickly.
II. Integrate Twilio
Twilio, (NotifyNow in Dublin) allows ServiceNow to communicate with end users via a mobile device, automatically assigning tickets and allowing attribute changes without the need for a call center representative.
III. Generate an EMNS message based on inbound vulnerabilities
Leveraging data from the National Vulnerability Database and sites like weather.gov, we can identify potential threats to the infrastructure and send Emergency Mass Notifications to prepare, asses and remediate.