This week RSA identifies a number of new trends that will increase the pressure on companies to look to the cloud for new GRC solutions. While security concerns have always been a concern in cloud deployments, there is no shortage of companies like Agiliance to offer solutions for this, while Applied Discovery has added document review to its hosted services.
GRC to Move to the Cloud?
The increasing cost of using GRC software as more and more regulations are introduced is always going to push enterprises to move in the direction of the cloud.
However, while costs may be one driver, the increasing complexity of regulations and the difficulty in achieving compliance with them is one of the other principal drivers.
In the lastest report from the RSA-sponsored Security for Business Innovation Council, a think-tank of Global 1000 security executives, the convergence of four new significant trends is going to force enterprises to take to the cloud. Those trends include:
- Strengthened enforcement
- Global spread of data breach notification laws
- Increasingly prescriptive regulations
- Growing business partner requirements
Entitled, A New Era of Compliance: Raising the Bar for Organizations Worldwide, the report outlines the huge impact new legislation and legal obligations are having on business, forcing companies to develop new strategies to deal with them. It also predicts that legislators will move from light-touch to more interventionist regulation.
As I see it, the trajectory of the law here is one way only, which is towards more frequent regulatory intervention, more disputes, more arguments, and more litigation, Stewart Room Field Fisher Waterhouse LLP says.
There’s a lot more here about security for anyone concerned about new regulations like those that are likely to appear once the signaled changes to the FISMA regulations are introduced. You can get a free copy of the report here.
Agiliance Manages Cloud Risk
While software compliance and moving to the cloud may be a problem for some, for others it provides opportunities.
Combined, they provide compliance, security and risk transparency for private, public and hybrid clouds, and attempt to bridge what Agilence describes as the trust-gap between physical and virtual operations. The new Cloud Risk Management services include:
- Cloud Risk Readiness: An assessment service for private and public cloud project and operator risk assessments
- Cloud Risk Operations: A monitoring service to assess security policy compliance, cloud threats and vulnerabilities using Agiliance RiskVision
- Cloud Risk Audit: An assurance service offering automated regulatory health checks and providing transparency in their infrastructure (IaaS), platform (PaaS) and software (SaaS) environments.
While there is still considerable GRC concern about moving to the cloud, pricing is going to make it just about inevitable and likely that many more vendors are going to be offering similar services to the ones Agiliance has just launched.
Axceler Offers Advanced SharePoint Administration
Another area that is causing some concern is the administration of SharePoint and the content contained it in. To give enterprises a better overview of what they have Axceler (news, site) has just released ControlPoint 4.1.
This new version of Axceler’s flagship product provides detailed analysis and management of SharePoint groups, the ability to find duplicate files across a SharePoint farm, enhanced SharePoint user reporting, as well as proactive SharePoint policy enforcement and the ability to perform actions across multiple farms.
Before this release, ControlPoint already included comprehensive permissions management, in-depth activity and storage analysis and the ability to measure performance of SharePoint environments against governance policies.
It also gives administrators complete control over the configuration and deployment of their SharePoint environments.
Hosted Document Review
Applied Discovery is an e-Discovery vendor that already offers enterprises early case assessment processing, review and production services for law firms, corporations and government agencies.
With Leverage Review, Applied Discovery says it can now offer productivity features not found in traditional document review applications.
Amongst those features is a workflow management dashboard for creating and maintaining review processes giving administrators optimal visibility and control over the prioritization, assignment and tracking of work.
It also provides detailed information about assigned batches, along with progress by reviewer and batch, and gives the review administrator fine-grained control over review. There are other services as well in the Leverage e-Discovery suite. If you want to find out more check it out.
How Important is Records Management?
Finally, assessing how important records management is to companies has always been difficult. While we touched on it in regards to SharePoint 2010 recently, recent AIIM (news, site) research shows that in light of recent events there has been a considerable increase in the importance being placed on records management by senior executives.
Contained in the E-Discovery and ERM: how is records management performing in the new spotlight report, it shows that the priority given to records management has increased over the last two years in over 80% of organizations.
Significantly, it also found that 34% of respondents have been affected by the lack of complete electronic information in a court case or a potential court case and 24% have had situations where undeleted records, held beyond their retention period, have influenced the strength of a court case -- weakening it more often than not.
Based on over 650 responses and underwritten by ASG, EMC and Iron Mountain, you can download it free from the AIIM website.