Welcome!

Agile Computing Authors: Liz McMillan, Elizabeth White, Carmen Gonzalez, Gerardo A Dada, Jnan Dash

News Feed Item

MetricStream IT GRC Solutions Witness Rapid Adoption as Companies Seek to Integrate Bottom-Up IT Control Processes with Top-Down Risk Intelligence

Leading analyst firm cites MetricStream as a pioneer in the IT GRC products market, and highlights its "strong vertical specific solutions" and "strong IT GRC capabilities around cloud and virtualized environments"

PALO ALTO, Calif., Dec. 13, 2012 /PRNewswire/ -- In today's increasingly virtualized, mobile, and cloudy world, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are confronted with complex challenges around information security, big data management, and compliance with regulations such as SOX, PCI DSS, HIPAA, NERC, FISMA, and ISO 27001. The traditional approach of managing these requirements in multiple silos and systems is not only inefficient and expensive, but also leads to redundancies and conflicts. Today, organizations seek to rationalize and harmonize their IT GRC processes, while also providing top-level visibility into enterprise IT risk and compliance data that can help determine areas of concern, and enable management to make quick, actionable decisions based on sound data points.

MetricStream provides a comprehensive suite of IT GRC solutions that aggregate and unify IT risk and information security and compliance data from across the hyper-extended enterprise. The solutions also help add business context to the data, as well as provide strong analytics capabilities to support mature, risk-oriented security programs.

The MetricStream solutions integrate with various applications – such as those for identity management, asset management, Security Information and Event Management (SIEM), threat and vulnerability assessment, intrusion detection and prevention, and security feeds – to consolidate data related to information security, and technology risks. Powerful dashboards present a real-time, top-level view of this information. The solution also facilitates a robust workflow-based approach to IT audit management and remediation management.

MetricStream IT GRC Solutions were recently reviewed by IDC, a leading provider of global IT research and advice, in its report - "MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance[1]." The report highlights MetricStream's "strong intellectual property (IP) portfolio around GRC," its "strong portfolio of IT GRC products that address end-to-end customer requirements," and its "strong partnership with various technology vendors in the security, smart grid, network management, operations, and asset management spaces." The report also highlights MetricStream's "strong IT GRC capabilities around cloud and virtualized environments."

Mayur Sahni, Research Manager, Services at IDC Asia/Pacific says, "Compliance requirements today are non-negotiable, and it's imperative for enterprises to implement a structured, organization-wide approach to IT GRC. MetricStream has a broad set of technologies not only to enforce and implement IT controls, but also to collect and harvest the information required to manage risk and demonstrate governance."

MetricStream IT GRC solutions provide integration capabilities for IT security, cloud, infrastructure, General Computer Controls (GCC), and business application controls. It simplifies compliance across IT regulations, standards, and frameworks by supporting automated monitoring and reporting of IT risk and control effectiveness and provides comprehensive content for meeting compliance challenges, including over 5,000+ IT control statements from over 800+ authority documents through a partnership with UCF, which helps organizations harmonize on the smallest possible set of IT controls to meet all their compliance requirements. The solutions also provide robust IT audit management capabilities, streamlines the IT audit and compliance process, and enable multiple stakeholders to gain visibility into the status of these processes and their results. IT control or compliance issues that arise are automatically routed through a systematic process of investigation and remediation.

With MetricStream's acquisition of vPanorama cloud GRC technology from TBD Networks, the company is able to provide solutions that allow its customers to seamlessly manage risks, regulatory compliance challenges, privacy requirements, security threats, and performance metrics across the cloud & virtualized infrastructure. The technology has augmented MetricStream's IT GRC solutions by providing granular visibility and control over security configuration assessments, continuous controls monitoring, risk management, and threat and vulnerability management. It helps minimize inefficiencies, while enhancing the reliability and performance of the cloud infrastructure.

MetricStream's robust functionality has attracted marquee customers across industry segments, which include some of the largest and most respected companies in social media and Internet information, banking and financial services, healthcare, manufacturing, energy, and retail.

"IT organizations have focused solely on a bottom-up approach so far – implementing granular IT controls based on vulnerability scans, patch, and configuration control data. This approach results in a lot of data but little actionable intelligence," said Vasant Balasubramanian, Vice President of Product Management at MetricStream. "MetricStream combines bottom-up data with a top-down approach and over-arching analytics that correlate information risk, security, compliance, and business issues to provide actionable risk intelligence. Furthermore, with MetricStream's recent acquisition of vPanorama technology, we provide the unique capability of bringing top-down risk intelligence and IT GRC controls to the cloud. We also help enhance business value by closely aligning IT investments with organizational strategy and corporate objectives."

[1] IDC, MetricStream: Comprehensive Solutions for IT Governance, Risk, and Compliance, Doc #IN2672604U, July 2012

About MetricStream

MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, Twitter, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-tech and Manufacturing to manage their risk management, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the www.ComplianceOnline.com portal. MetricStream is headquartered in Palo Alto, California and can be reached at www.metricstream.com.

Media contact:
Mr. Vinay Bapna
[email protected]
650-620-2955

This press release was issued through eReleases® Press Release Distribution. For more information, visit http://www.ereleases.com.

 

SOURCE MetricStream

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
An IoT product’s log files speak volumes about what’s happening with your products in the field, pinpointing current and potential issues, and enabling you to predict failures and save millions of dollars in inventory. But until recently, no one knew how to listen. In his session at @ThingsExpo, Dan Gettens, Chief Research Officer at OnProcess, discussed recent research by Massachusetts Institute of Technology and OnProcess Technology, where MIT created a new, breakthrough analytics model for s...
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2017 New York. The 20th Cloud Expo and 7th @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Internet to enable us all to im...
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at 20th Cloud Expo, Ed Featherston, director/senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
"Once customers get a year into their IoT deployments, they start to realize that they may have been shortsighted in the ways they built out their deployment and the key thing I see a lot of people looking at is - how can I take equipment data, pull it back in an IoT solution and show it in a dashboard," stated Dave McCarthy, Director of Products at Bsquare Corporation, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
"At ROHA we develop an app called Catcha. It was developed after we spent a year meeting with, talking to, interacting with senior citizens watching them use their smartphones and talking to them about how they use their smartphones so we could get to know their smartphone behavior," explained Dave Woods, Chief Innovation Officer at ROHA, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.