IT Compliance

Regardless of industry or size, chances are there is a set of compliance regulations that your IT organization must address. Sarbanes-Oxley ensures that corporate data is protected and companies remain accountable. Payment Card Industry (PCI) standards protect commonly targeted credit card data. Government and military computing systems must comply with a bewildering array of regulations, from NIST, SCAP, and CIS to FDCC. In addition to these, most companies have their own internal security policies that need to be followed.

We have strong requirements for implementing a secure network. Not only did Puppet help us meet NIST requirements for configuration management and least privilege, the Puppet architecture itself proved to be extremely secure.

Allan Marcus, Solutions Architect at Los Alamos National Laboratory

An increasing number of regulatory compliance requirements and internal compliance mandates puts an unprecedented amount of pressure on system administration professionals. Most organizations achieve compliance through a repeated pattern of last-minute heroics to generate proof of controls for auditors. With systems constantly changing due to new releases, patches, and end-user activity, achieving compliance is only half the battle. Maintaining continuous compliance is the biggest challenge.

Puppet offers a powerful and flexible way to create compliance modules that are tailored for your environment and the specific regulations that you must adhere to. Puppet then ensures that the mandated settings and configurations are checked on a regular basis, reports on variances, and, when appropriate, reverts non-compliant systems to a known-good state. The entire policy of your configuration is also readable (as source) at any time, and can be kept in version control to track when and why the policies have changed.

Puppet solutions greatly simplify the process of maintaining compliance with the regulations and standards IT organizations face, providing significant cost savings over manual procedures.
