January 02, 2013
Features

Compliance confluence: 1st Credit and SureCloud

1st Credit
1st Credit

The search begins

Bover and his team began looking for a solution, as clients expect the firm to demonstrate a level of compliance with standards, such as PCI DSS, the Data Protection Act, a U.K. law instituted in 1998 which is the primary legislation governing the protection of personal data in the nation, and ISO 27001, a standard that formally specifies that a management system charged be in place to bring information security under explicit control. “We're taking payment from people who were, or still are, their customers and, understandably, they need our assurance that we won't put their brands at risk,” says Bover.

The team looked at a wide variety of solutions and found that while most of them were fit for the purpose, they were all fairly disparate solutions and would have required a fair bit of work to integrate all the necessary elements, he says.

“I had been looking around for some time before I discovered the right solution,” says Bover. And, the choice was the SureCloud Collaborative Compliance Platform. “It was the only tool we could find capable of aggregating all our compliance data. It was the obvious choice for us,” he says.

The offering is the only software-as-a-service solution that automates and simplifies the entire security management and information compliance process, says Richard Hibbert (left), CEO at SureCloud, a Reading, U.K.-based company that provides software-as-a-service solutions to help achieve compliance. The tool contains four component modules: vulnerability scanning, security information and event management (SIEM), wireless intrusion detection (IDS) and configuration auditing. “These promote continual security improvement,” says Hibbert. “Taking them all together (or individually, if required), SureCloud will assess and monitor networks, applications and wireless local area networks (WLANs), automate key governance, risk management and compliance (GRC) processes and provide actionable intelligence. It all adds up to a simple, cost-effective approach to helping organizations stay one step ahead when fulfilling their ongoing security and compliance obligations.”

SureCloud takes a holistic approach in contrast to competing solutions that only provide a partial view of an organization's security status, Hibbert adds. It provides software-as-a-service solutions that allow mid-market firms with regulatory obligations to benefit from major savings through automated information security management and simplification of the governance process, he says. “A typical SureCloud customer has a requirement for information security programs, has limited in-house IT security and lacks the budget needed for a traditional enterprise compliance solution.” 

From the January 2013 Issue of SCMagazine »
Page 2 of 4
Related Articles
Related Topics

Sign up to our newsletters

More in Features

Suspect everything: Advanced threats in the network

Suspect everything: Advanced threats in the network

Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.

Urgent care: Safeguarding data at health care providers

Urgent care: Safeguarding data at health care providers

Health providers have pressing reasons to now embrace security, says INTEGRIS Health's John Delano. Karen Epper Hoffman reports.

Deciphering cloud strategy

Deciphering cloud strategy

There are steps security pros can take to achieve greater peace of mind with cloud implementations, reports Alan Earls.