Configuresoft Adds Security Services Firms to RSCA Partner Community; 'Rapid Assessment' Approach Evaluates Customers' Security and Compliance Status to Develop Best Practices for Continuous Compliance.COLORADO SPRINGS Colorado Springs, city (1990 pop. 281,140), seat of El Paso co., central Colo., on Monument and Fountain creeks, at the foot of Pikes Peak; inc. 1886. It is a year-round resort and a booming military, technological, and commercial city. , Colo. -- Configuresoft, an innovator in systems management technology and the creator of the enterprise continuous compliance management market, welcomed three new partners to its Rapid Security Configuration Assessment (RSCA RScA right scapuloposterior (position of the fetus). (TM)) community. Security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the firms Eclipsecurity, based in Chicago, IL; Micro System Enterprises, in Houston, TX; and Wadeware, located in Bellevue, WA, expand availability of the RSCA offerings. These firms will use the configuration and compliance assessment service with clients to provide a scorecard on enterprise security configurations and compliance with IT and federal standards and regulations. RSCA provides executives not only with insight regarding the current state of security and compliance within their enterprises, but also detailed recommendations for reigning in non-conforming systems and maintaining continuous compliance. "Configuresoft's RSCA approach complements the Microsoft products and platform to address our clients' critical security and compliance requirements Compliance requirements are a series of directives established by United States Federal government agencies that summarize hundreds of Federal laws and regulations applicable to Federal assistance (also known as Federal aid or Federal funds). ," said Ed Brovick, vice president, Wadeware. "The RSCA assessments build confidence by providing the right information about their systems so they know what they have in place and where they need to focus their efforts." "Organizations are becoming more sophisticated about the expectations and requirements that contracted information security consulting firms must satisfy," said Steven Hamburg, president, Eclipsecurity, LLC (Logical Link Control) See "LANs" under data link protocol. LLC - Logical Link Control . "Eclipsecurity has incorporated RSCA as one of its most vital, proven and robust service offerings. It is this type of standard and repeatable offering that maximizes our clients' assurance that their expectations and requirements will indeed be satisfied." The RSCA engagement is founded on the expertise provided by Configuresoft's Center for Policy & Compliance (CP&C). The CP&C provides a framework for RSCA engagements as well as Enterprise Configuration Manager (ECM (1) (Enterprise Change Management) See version control and configuration management. (2) (Error Correcting Mode) A Group 3 fax capability that can test for errors within a row of pixels and request retransmission. ) toolkits based on industry and federal regulations and security best practices. The CP&C has developed several RSCA tracks tailored for various industries and include Microsoft's Security and Hardening Guides, Sarbanes-Oxley and HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, . "As a Configuresoft RSCA partner we use ECM as our compliance tool on client engagements. ECM keeps track of system changes against SOX, HIPAA and other regulatory mandates," said Kurt Nordquist, director of marketing, Micro Systems Enterprises, Inc. "In one click, we can discover and resolve compliance issues. We are also able to determine the status of files and server storage capacity. Configuresoft ECM handles all of this control, monitoring, remediation and reporting cost effectively and without affecting end user performance." Throughout an RSCA engagement, Configuresoft Partners work closely with the client to quickly and accurately evaluate the quality of production system configurations. Security services partners now have three options for an RSCA engagement: 1. Deploy ECM and RSCA in their services practice to provide enhanced productivity for their consultants; 2. Use RSCA as a stand-alone offering or incorporate the RSCA program into their existing offerings, enhancing the quality of work and deliverables; or 3. Use the RSCA results as a baseline to understand the client's compliance status, and then develop and implement plans with the client to ensure and sustain continuous compliance with regulatory mandates and industry best practices. "These security services leaders recognize the value that Configuresoft's ECM and the RSCA partner program bring to their business and their clients' security and compliance health," said Jeff Puffenberger, vice president, strategic alliances & business development, Configuresoft. "As an RSCA partner, these firms can broaden their capabilities to offer clients ongoing protection and a systematic roadmap of measures to enhance their overall security and compliance operations." About Enterprise Configuration Manager By standardizing and monitoring server and client configurations by role, ECM ensures continuous operational compliance with regulatory, industry and corporate standards throughout a computing infrastructure. Sustained by a proven and scalable architecture, ECM collects tens of thousands of detailed asset, security and configuration settings from each Windows, UNIX UNIX Operating system for digital computers, developed by Ken Thompson of Bell Laboratories in 1969. It was initially designed for a single user (the name was a pun on the earlier operating system Multics). and Linux server and workstation--storing that information in a centralized configuration management database (CMDB CMDB Configuration Management Data Base CMDB Composite Modified Double Base (Propellant) CMDB Control and Monitor Display Builder CMDB Call Management Database ) for immediate access, analysis and reporting. ECM can enforce security policies by automatically resetting configurations to their desired state when an unauthorized change (or deviation) occurs. These capabilities help IT organizations keep their mission critical systems properly configured, while ensuring security compliance with regulatory requirements such as Sarbanes-Oxley, HIPAA, GLBA GLBA Gramm-Leach-Bliley Act of 1999 (Financial Modernization Act of 1999) GLBA Gay and Lesbian Business Association GLBA Great Lakes Booksellers Association GLBA Glacier Bay National Park and Preserve , PCI DSS (Payment Card Industry Data Security Standard) Security procedures from the PCI Security Standards Council for merchants that accept credit cards online. and FISMA FISMA Federal Information Security Management Act of 2002 FISMA Federal Information System Management Act . About Configuresoft Configuresoft is an innovator in systems management technology, ensuring continuous compliance with internal policies and external regulations across today's heterogeneous computing infrastructures. Spanning both security and operations, the Company's configuration management, compliance and remediation products are used by 11 of the world's 25 largest companies to keep their critical systems properly configured, while ensuring compliance with regulatory requirements such as Sarbanes-Oxley, FISMA, GLBA, Basel II, HIPAA and DISA 1. (body) DISA - Defense Information Systems Agency. 2. (standard) DISA - Data Interchange Standards Association. , and industry standards such as ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. 17799, PCI DSS and Microsoft Security Hardening Guides. To contact Configuresoft, please call (888) U-CONFIG or visit www.configuresoft.com. |
|
Printer friendly
Cite/link
Email
Feedback
Reader Opinion