McAfee and RSA make regulatory compliance easier

RSA Security’s Archer eGRC platform and McAfee Inc.’s ePolicy Orchestrator (EPO) are both tools employed by large enterprise organizations and governments.

The key differentiator between them, however, is in what they do. In a lot of cases, big organizations will use both products but often don’t get enough insight between them when it comes to setting policy for regulatory and security compliance. That’s why the two companies have agreed to integrate data from the two solutions.

Doug Cooke, director of sales engineering at McAfee Canada, said that both McAfee and RSA heard from their customers that this was something they not only wanted, but needed. Drawing data from Archer into EPO could give insight as to whether any piece of an enterprise’s infrastructure was up to code, he said. “(Archer) has the ability to gather some data and there’s some manual data that’s put in, but it also has mechanisms to gather from other tools, from other security vendors like ourselves.”

What was missing, essentially, was a direct pipe between the two programs that allows for the data to be utilized in the most intelligent and deep-diving way. Cooke said what it does is “it takes the more operational data that’s in EPO, the device data, counter-measure data, gets it up into RSA where it can be combined with the more business intelligence, risk posture, risk analysis,” he said. After which, “within the Archer product, (organizations) can go through the processes they need to define compliances and the risk posture of the organization.”

 
McAfee, a division of Intel Corp., is based in Santa Clara, Calif. RSA, which is a division of EMC Corp., is based in Bedford, Mass.

Carmi Levy, independent technology analyst, said this kind of analytic know-how, which using Archer and EPO together can entail, is critical for any businesses in Canada that work in the U.S. “If you’re connected to an American company in any way, shape or form, you owe it to yourself to understand the regulatory environment and how it might apply to you,” he said. “Armed with this knowledge, you’ll be in an ideal position to adapt your business processes to avoid a potentially inconvenient and expensive breach.”

He also said that, before Archer and other GRC (government, regulations and compliances) software suites were released, and particularly before oversight programs like McAfee’s EPO played so nicely with them, navigating regulatory issues in other countries could be a nightmare. “For Canadian businesses wondering how U.S. compliance legislation might apply to them, increasingly capable vendor tools and offerings can help them rein in what was once a hopelessly complex process,” Levy said.

Cooke is happy that this pipe created between the two offerings is not only helpful, but a value-add for both McAfee’s and RSA’s customers. “There’s a rich amount of information in EPO and if that can come up into the Archer product it just adds value to (it) and makes the whole compliance and risk process more accurate.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now