CA takes on security, software compliance chores

CA Inc. is beefing up its portfolio of software for managing compliance, including products that address security, software licensing and IT process automation.

The company offered a total of eight releases last week that covered various aspects of IT management, such as governance, identify management and access control, but only three are actually new additions to its lineup. These are CA Security Compliance Manager, CA Software Compliance Manager and CA IT Process Manager. CA, which operates out of Islandia, N.Y. but has its Canadian headquarters in Toronto, did not announce pricing at press time.

Don LeClair, senior vice-president of CA technology strategy, said many firms begin their compliance activities by looking at security issues, whether it’s dealing with U.S. legislation such as Sarbanes-Oxley or managing access to critical systems.

“You can’t afford to make mistakes or use manual processes. You have to make sure you’re complying with policy,” he said, adding that CA Security Compliance Manager offers a dashboard-like capability. “It lets you automate the validation process around people’s entitlements, and it also creates the audit trails and reporting.”

The software compliance product, on the other hand, is designed to help IT managers who are facing increased scrutiny from vendors such as Microsoft over the applications they have deployed in their enterprise. LeClair said the product is designed as an inventory tool.

“The fundamental goal here is to reconcile what software you have licences for versus what you have in your enterprise,” he said. “Usually you only have licences for so many copies of Microsoft Office.”

CA IT Process Manager is focused more on applying policies to the way technology infrastructure has run. LeClair said it offers dozens of connectors to other CA products as well as third-party vendors and includes around 1,000 pre-defined processes to help customers get started.

“In order to survive, you have to do automation. You can’t increase your staff,” he said, adding that despite the acquisitions of Opsware by HP and BladeLogic by BMC, “it’s still a relatively under-penetrated area in the industry. Many customers are using scripts and low-level technology.”

CA also updated its GRC Manager, which in r1.5 promises to bring more visibility to governance and compliance activities to audit and control staff in an enterprise. Marc Camm, senior vice-president and general manager of GRC products at CA, said the company has deployed the product internally and has seen a 50 per cent reduction in costs related to testing. It’s the same way many customers evaluate their compliance results, said Camm.

“They look at the ROI based in operational improvements and cost savings. It could be more streamlined testing of controls, or testing of controls across different compliance efforts,” he said. “This gives you that ability now to find out if you have redundant controls.”

Many technology executives are using the IT Infrastructure Library (ITIL) framework, now in its third iteration, to deal with their compliance work. This includes the City of Toronto, where CIO David Wallace is focused on improving governance.

“ITIL is great for dealing with things like delivery management, service desk,” he said in a recent interview with ComputerWorld Canada. “We’re looking right now at aligning our service level agreements with ITIL standards.”

CA still has some work to do before its product line offers a fast track to ITIL, however.

“The (GRC Manager) platform itself is highly configurable. You can put in different workflows and rules to support different frameworks. We don’t support the frameworks out of the box today, but that’s something we’re going to do in the future.”

Other updates to CA’s product line included CA Access Control Premium Edition, CA Identity Manager r12 and CA Advanced Systems Management r11.2.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Shane Schick
Shane Schickhttp://shaneschick.com
Your guide to the ongoing story of how technology is changing the world

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now