It's not enterprise security management anymore. According to visionaries from Archer Technologies, the old notion of enterprise security management has given way to risk and compliance management. For years IT risk managers were treated almost as second-class citizens because IT risk was viewed as a very small part of the overall risk picture. As compliance became a major driver, IT risk quickly moved to the forefront. Today, managing IT risk and ensuring compliance has become, by most accounts, the major driver for IT security organizations.
Archer's core concept is fitting the tool or tool set to the business need using an industry accepted best practices and standards-based approach. It accomplishes this through its SmartSuite Framework, a database-centric architecture that allows customers to use a pre-built Archer solution that matches up with a particular best practice, modify that solution or build on a completely unique one, and, for example, support an internal policy.
SmartSuite Framework is vendor neutral. It is a risk and compliance management environment that makes it easy to fit into the customer's enterprise and business environment. The threat management module can take feeds from such providers as VeriSign's iDefense Labs and TruSecure, a part of Cisco. As well, it can gather in vulnerabilities and develop threat/vulnerability (risk) pictures and apply them to the enterprise for analysis.
The SmartSuite also performs asset management, trouble ticketing, incident management and vendor management. The risk management philosophy is “ask once, answer many.” Rather than re-asking the same question in a variety of venues, the answers to questions are applied appropriately to similar questions elsewhere in assessments.
Risk management is achieved through targeted assessments and findings are linked to remediation and exemption requests with drill-down to source data available. Because SmartSuite is not a point solution to a single point problem, it provides a full platform on which to build out a complete risk and compliance management system. This is the core of the Archer Technologies philosophy.
Also, it is accessible with seven core applications available at $45,000 each. Not all organizations need all seven applications, of course. New applications written by the customer can be implemented rapidly, sometimes in as little as a week.
AT A GLANCE
What it is: Risk and compliance management suite
Vendor Archer Technologies - www.archer-tech.com
Cost: $45,000 for each of the seven core applications
Innovation: A complete risk and compliance environment
What we liked Business-driven approach