State of Minnesota

• A centrally managed vulnerability solution that could provide each agency a consistent view of their security level
• A solution that could exert a more centralized control over their IT infrastructure, and establishes security as an enterprise-class process within the state.
• A solution that could streamline the exchange of IT information among agencies and produce comparative reports

OET recognized the need to exert a more centralized control over the IT infrastructure, and establish security as an enterprise-class process within the state; thereby reducing redundancies among over 70 difference executive level state agencies. OET expressed the need for a risk and vulnerability management system that would streamline the exchange of IT information among agencies and product comparative reports.

By adopting a common technology with a centrally managed solution, every agency now gets a consistent view of their security level and continuous assessment, without having to manage the back end. This yields tremendous savings for the state, when compared to every agency trying to implement a solution on its own.

CHRIS BUSE, OFFICE OF ENTERPRISE TECHNOLOGY, STATE OF MINNESOTA

One of the first initiatives that was executed against that mandate was to acquire an enterprise-class vulnerability management solution and after extended evaluation, Tripwire IP360 was selected. The deployment is now scanning approximately 150,000 networked devices.

• Reduced redundancies among the state agencies security programs with the use of an enterprise-class process that could be applied across the state
• Improved insight into security risk with enterprise-wide metrics that delivered comparative results among state agencies
• Met NIST 800-53 requirements
• Supports FISMA compliance while continually monitoring the state’s network
• Savings for the state with the use of a common technology statewide, without each agency having to manage the back end