McAfee and RSA make regulatory compliance easier
RSA Security’s Archer eGRC platform and McAfee Inc.’s ePolicy Orchestrator (EPO) are both tools employed by large enterprise organizations and governments.

The key differentiator between them, however, is in what they do. In a lot of cases, big organizations will use both products but often don’t get enough insight between them when it comes to setting policy for regulatory and security compliance. That’s why the two companies have agreed to integrate data from the two solutions.

Doug Cooke, director of sales engineering at McAfee Canada, said that both McAfee and RSA heard from their customers that this was something they not only wanted, but needed. Drawing data from Archer into EPO could give insight as to whether any piece of an enterprise’s infrastructure was up to code, he said. “(Archer) has the ability to gather some data and there’s some manual data that’s put in, but it also has mechanisms to gather from other tools, from other security vendors like ourselves.”

What was missing, essentially, was a direct pipe between the two programs that allows for the data to be utilized in the most intelligent and deep-diving way. Cooke said what it does is “it takes the more operational data that’s in EPO, the device data, counter-measure data, gets it up into RSA where it can be combined with the more business intelligence, risk posture, risk analysis,” he said. After which, “within the Archer product, (organizations) can go through the processes they need to define compliances and the risk posture of the organization.”

McAfee, a division of Intel Corp., is based in Santa Clara, Calif. RSA, which is a division of EMC Corp., is based in Bedford, Mass.

Carmi Levy, independent technology analyst, said this kind of analytic know-how, which using Archer and EPO together can entail, is critical for any businesses in Canada that work in the U.S. “If you’re connected to an American company in any way, shape or form, you owe it to yourself to understand the regulatory environment and how it might apply to you,” he said. “Armed with this knowledge, you’ll be in an ideal position to adapt your business processes to avoid a potentially inconvenient and expensive breach.”

He also said that, before Archer and other GRC (government, regulations and compliances) software suites were released, and particularly before oversight programs like McAfee’s EPO played so nicely with them, navigating regulatory issues in other countries could be a nightmare. “For Canadian businesses wondering how U.S. compliance legislation might apply to them, increasingly capable vendor tools and offerings can help them rein in what was once a hopelessly complex process,” Levy said.

Cooke is happy that this pipe created between the two offerings is not only helpful, but a value-add for both McAfee’s and RSA’s customers. “There’s a rich amount of information in EPO and if that can come up into the Archer product it just adds value to (it) and makes the whole compliance and risk process more accurate.”

Related Download
Improving the State of Affairs With Analytics Sponsor: SAS
Improving the State of Affairs With Analytics
Download this case study-rich white paper to learn why data management and analytics are so crucial in the public sector, and how to put it to work in your organization.
Register Now