New Cloud Solution Helps Deliver “Holistic, Risk-based Information Security Programs” To Improve Security and Compliance
TraceSecurity, a Los Gatos, California-based firm offering cloud-based IT governance, risk and compliance (GRC) solutions, today launched “TraceCSO”, a new cloud-based solution designed to give businesses of any size the ability to evaluate, create, implement and manage a risk-based information security program.
“Today, organizations struggle with growing risk, complexities, costs and resource demands of deploying and maintaining a complete information security program around risk and vulnerability management, governance and compliance,” the company explained.
A problem for many smaller organizations when it comes to GRC solutions is often the cost. Most GRC solutions are designed for larger enterprises and highly regulated industries, and can be costly both on software licensing fees and implementation costs.
With subscription pricing starting at about $5,000 per year, TraceCSO gives organizations an affordable solution that the company says can be deployed quickly to centralize and tightly integrate key functional areas. These areas include risk management, auditing, governance and compliance reporting; as well as specific areas of policy, process, training, vendor, and vulnerability management, the company said.
“A hosted approach backed with long experience in the field enables a much wider range of organizations to have access to tools for more consistent management of security and regulatory priorities,” said Scott Crawford, Enterprise Management Associates managing research director.
“Many organizations simply do not have access to this capability, or need a more consistent source of insight on objectives and best practices,” Crawford added. “TraceSecurity is helping extend these values to a much broader swath of organizations than many on-premises technologies, and can also go far to help reduce management costs.”
The company says that TraceCSO guides users through the process of implementing and managing a “holistic risk-based information security program” that can identify and reduce many redundant security controls and security gaps caused by disparate systems.
In order to help organizations stay current with the latest regulatory mandates specific to their industry, TraceCSO leverages a global database of hundreds of authorities and more than 25,000 regulations and citations.
“The TraceCSO system is slick and the setup wizard is very intuitive,” said Richard Reinders, Lake Trust Credit Union Information Security analyst. “The assessment structure has so many options, you can take multiple approaches and the system still works. Also, its process management functionality can help us align controls with institution policies that are documented to meet industry regulations.”
TraceCSO’s wizards guide the system set up of adding users and departments, defining permissions and roles, coordinating network scanning, and selecting authority documents.
“TraceCSO enables organizations to implement enterprise-level security without enterprise-level overhead or costs,” said Peter Stewart, TraceSecurity President and CEO. “This new product eliminates current barriers of managing an on-going and complete risk-based information security program, including the lack of security expertise, resources and tools.”
TraceCSO will be available later this month directly from TraceSecurity.