OTRS as Security Management Software
Whether exchanging information, operating complex technical equipment, storing patient data in a clinic, carrying out remote software updates, or simply using a wireless keyboard: information and communication technologies are everywhere we look. To stop using them would be unthinkable, and without connected computers, our economy would cease to function.
Information technology shapes our daily lives, both at home and at work, but each time we use it we are exposed to threats such as security leaks or malware, opening up the door to industrial espionage or data theft. These challenges require the constant development of security strategies and the application of IT standards to protect companies, government agencies and research and medical facilities.
The OTRS Business Solution™ offers a wide range of tools for optimally implementing your security strategies and meeting the requirements of the German IT Security Law. Although the OTRS Business Solution™ is first and foremost a multifaceted communication and process management tool, it will surprise you to find out how many other functions it offers and how they can help you perfectly manage your daily business and IT security.
- Individual process design for your security management
- Complex roles and permissions management
- Seamless storage of all communication processes
- PGP and S/MIME encryption
- Additional functions for flexible expansions
- Expert know-how for your security management
- Also available as a cloud-based solution with no need of internal IT resources
Clear processes enable quick and precise incident management
When managing incidents every second counts, especially when dealing with critical security issues. Thanks to the intuitive Canvas interface you can define your own individual processes according to your security management needs.
Processes can be started automatically, e.g. by selecting the ticket type “incident”, so if a security incident is reported, it will first receive an individual ticket number. The agent responsible for triaging is then automatically notified of the new incident in order to categorize and prioritize it. The result of this categorization can then be entered into and shown directly in the ticket using dynamic fields. Furthermore, with the OTRS Business Solution™ Feature Hide/Show Dynamic Fields you can additionally define which dynamic fields should be shown or hidden in which ticket masks.
Proactive communication thanks to automatic notifications
Proactively informing analysts and coordinators is especially important when dealing with IT security issues. In OTRS, everybody is kept up to date thanks to its automatic notifications system. In addition, creating notifications can be made even faster by using response templates. The OTRS Business Solution™ Feature Advanced Editor allows you to create intelligent response templates in order to share important information as quickly as possible. You can thus, for example, hide type specific information or highlight it using color coding, or choose to only see data blocks if information such as the source and target IP addresses is available.
Furthermore, you can use the OTRS FAQ Feature to enable a greater degree of self-service and make information on countermeasures or process instructions available from a central source.
Monitor different processes at a glance
After the incident has been entered into the system, the subsequent monitoring and potential escalation processes can be carried out in the OTRS Business Solution™ using the integration of escalation levels and the precise documentation of each stage in the ticket. With the OTRS Business Solution™ Feature Ticket Watchlist, coordinators and incident handlers can add incidents to customized monitoring lists to keep an eye on as many different tickets as they like at the same time. These lists can also be transferred to colleagues in order to simplify incident handling, especially when coordinators change daily or weekly. In addition, you can define specific events, e.g. changes to the queue or the ticket status, to trigger automatic notifications so that nobody misses important changes.
After the incident has been resolved the ticket can be closed. The detailed information stored in the ticket makes evaluating the incident and writing a report incredibly easy.
You can also create forms to provide a clear and simplified incident reporting structure right from the beginning. If the same incident is reported more than once, you can combine, link, answer or close the different tickets with just one click. Thanks to a seamless ticket history you will always know who did what and when to a ticket—100% transparency and clarity!
Clear processes in every area!
The OTRS process management tools can be used not just for managing incidents but in every area, e.g. service requests, evidence lifecycle management or vulnerability management. In addition, processes for identity management in the area of general security can also be implemented easily. When managing company cards, for example, many different people can be involved in the different stages of the process, including the request, the examination of the request and the corresponding documents (e.g. ID, proof of residence, etc.), the notification of the person involved and the issuing of the card itself. But have no fear, the OTRS Business Solution™ simplifies, standardizes and documents each stage of the process. Here it is also possible to have different escalation levels and to add notes and documents to the ticket. Also, if your internal guidelines or procedures change, then you can easily adapt the implemented process to your most current needs. Another use case for the process management feature of the OTRS Business Solution™ is the documentation of your penetration tests. When assessing your computers or networks, the OTRS Business Solution™ helps you store system descriptions, test stages, potential vulnerabilities, risk analysis results and final reports without hassle.
Avoid information gaps and time-consuming searches
The OTRS Business Solution™ Ticket Timeline View provides maximum clarity and transparency, especially when time is of the essence. This function displays the complete communication process of each ticket as a timeline, allowing you to see the ticket status of any inquiry—as well as all actions that have been carried out—at a glance.
This way you can provide accurate information about any ticket at any time, even if the colleague responsible is suddenly sick and you were not involved in the prior ticket process. Every single ticket is saved permanently in OTRS, preventing tickets from being forged or deleted. All actions are recorded and tickets can be accessed using the search function at any time.
With the OTRS Business Solution™ Feature Dashboard News Widget you can communicate high-priority information immediately through the system. Your colleagues will see the information directly after logging into the OTRS Business Solution™ and can apply it immediately. This way, relevant information always reaches the whole team no matter their location.
The OTRS Business Solution™ also makes it possible to easily add attachments to tickets, thus becoming a tool for managing your security management reports, whether for security incidents or planned actions such as penetration tests or audits. Moreover, the Article Attachment Overview function immediately shows you all the attachments in your system. With the search function you can find the right attachment in seconds—a link will take you directly to the corresponding ticket.
No spying over your shoulder: guaranteed authenticity with PGP and S/MIME
Thanks to e-mail, communicating and exchanging information over the World Wide Web has never been easier. Unfortunately, most e-mails can easily become unprotected postcards that others can read, manipulate and exploit without your knowledge. Thanks to the OTRS Business Solution™, you can decide which messages are important, confidential or secret. All emails sent through OTRS can be encrypted using two methods: PGP and S/MIME. These ensure the authenticity, confidentiality and binding nature of your communication. Both encryption methods have a public and a private key and can protect the authenticity of the sender as well as the message content.
A new variable: The German IT Security Law makes reporting security incidents mandatory for around 2,000 German companies
If you work in IT and telecommunications, finances and insurance, energy, food production or health, water supply, transport and transit, or any government agency, then there is a new challenge you have to deal with. From now on, cyber attacks must be anonymously reported to the Federal Office of Information Security (BSI) by operators of critical infrastructure (so-called “KRITIS” companies), and minimum IT security standards must be complied with. In addition, telecommunications companies must warn their customers when a website has been manipulated or an attack on a computer has been detected. Luckily, the OTRS Business Solution™ can help you meet all these obligations.
The OTRS Business Solution™ process management function can be used to obtain a detailed description and documentation of any incident. For this purpose, an entry screen can be configured to contain fields such as drop-down, select and text fields for collecting the following information:
- Date/time of entry / identification / reporting of the incident
- Classification according to type, cause and error
- Systems / equipment affected
- Control measures
- Control costs
With the OTRS Business Solution™ you can minimize error sources and save time when documenting incidents!
We would be happy to tell you about a wide range of further OTRS Business Solution™ functions that can make your life much easier under the new IT Security Law.