VIEWTRUST SOFTWARE OVERVIEW
RISK MANAGEMENT AND COMPLIANCE MONITORING
© Copyright 2016 EMC Corporation. All rights reserved.
1
CHALLENGES
Need a proactive view of risks across my cloud and non-cloud assets due to Cyber,
Compliance, and IT Operations on a continuous and automated basis.
How do I….
• Get a unified view of security and compliance risk across all IT assets (e.g.
enterprise, cloud, hybrid-cloud)?
• Reduce cost and complexity of managing compliances with shrinking budgets?
• Become proactive rather than reactive in dealing with enterprise and mission risks?
• Perform continuous monitoring of risk with ever increasing volume of data?
• Create a single 360° operational view of enterprise risk and prioritize mitigations?
© Copyright 2016 EMC Corporation. All rights reserved.
2
VIEWTRUST CONTINUOUS RISK MONITORING
Viewtrust provides continuous monitoring of risks across enterprise
hybrid cloud as well as non-cloud environments to proactively
address risks due to Cyber, Compliance, and IT Operations.
Enterprise Risk Management
Cyber Risk
© Copyright 2016 EMC Corporation. All rights reserved.
Compliance
Risk
IT Operational
Risk
3
AUTOMATED RISK AND COMPLIANCE MANAGEMENT
•
Provides a unified view of enterprise risk
on a single dashboard
•
Automates compliance and risk
management for private or hybrid clouds
•
Provides continuous risk analysis with
heat maps for proactive view
•
Collaborative and workflow driven for
compliance automation and
documentation
•
Scales with Big Data analysis and
analytics engine
•
Provides mission risk view to address
what is critical to business
© Copyright 2016 EMC Corporation. All rights reserved.
Cyber Risk
Compliance
Risk
IT
Operational
Risk
4
VIEWTRUST ADDRESSES REGULATED MARKETS
Viewtrust provides a scalable solution to address regulatory and industry
standards requirements in a modular architecture
Cyber Risk | Compliance Risk | IT & Operational Risk
Presentation and Data Analytics Dashboard
Federal
Financial
Healthcare
Energy
Retail
Enterprise Risk
Management
✔
✔
✔
✔
✔
Cyber
Situational
Awareness
✔
✔
✔
✔
✔
Regulatory
Compliance
FISMA/
FedRAMP
GLBA
SOX
HIPAA
HITECH
NERC CIP
PCI
© Copyright 2016 EMC Corporation. All rights reserved.
5
CONTINUOUS COMPLIANCE FOR HYBRID CLOUD
Enterprise Risk Management
Virtual Datacenter / SDDC
Unified View
Public/
Managed Cloud
+
Private
Cloud
Automated Continuous Assessment for Risk and Compliance
Automation of common SAP administrative functions improves service
delivery while simultaneously reducing the human and physical resources
required to perform those tasks
© Copyright 2016 EMC Corporation. All rights reserved.
6
VIEWTRUST RAPID ROI
•
•
Reduce compliance costs via efficiency through automation:
–
Automate entire compliance lifecycle
–
Facilitate efficient, collaborative, and consistent audit practice
–
Support multiple compliance frameworks unified in one tool
Reduce enterprise security tool TCO:
–
Unify existing security tools and break data silos
–
Automate risk analysis based on threat and impact analysis
–
Automate identification and remediation of risk through
workflow management
© Copyright 2016 EMC Corporation. All rights reserved.
7
GLOSSARY
Term
Definition
BIA
Business impact analysis (BIA) is a systematic process to determine and evaluate the
potential effects of an interruption to critical business operations as a result of a disaster,
accident, or emergency.
ERM
Enterprise Risk Management (ERM) is a strategic business discipline that supports the
achievement of an organization's objectives by addressing the full spectrum of its risks and
managing the combined impact of those risks as an interrelated risk portfolio.
GRC
Governance, risk management, and compliance (GRC) is the umbrella term covering an
organization's approach across these three areas: Governance, risk management, and
compliance
Sensors
Informational sources capable of providing reports based on the data its collected provided
in any given format. (e.g. Tenable Security Center, McAfee ePO, Symantec CS)
SIEM
Security information and event management (SIEM) is an approach to security
management that seeks to provide a holistic view of an organization's information
technology (IT) security.
© Copyright 2016 EMC Corporation. All rights reserved.
9