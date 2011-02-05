Virtustream Adds Software-as-a-Service Support to its Risk Management and Continuous Compliance Monitoring Software

May 2018 by Marc Jacob

Virtustream launched the next generation of Virtustream® Viewtrust, its risk management and continuous compliance monitoring solution. With this release, Virtustream evolves its ability to extend secure compliance and risk management capabilities to the cloud, providing customers from both the enterprise and public sector comprehensive insight into their risk and compliance posture across physical and cloud environments whether private, public or hybrid.

The world of enterprise information security, risk management and regulatory compliance continues to grow more complex, virtualised and distributed. To address the changing landscape, a recent Thomson Reuters survey revealed “it is no longer sufficient to simply throw more and more resources at risk and compliance — firms are now seeking targeted risk management outcomes by utilising technology and specific value-add compliance skills.” With Virtustream Viewtrust, customers have a near real-time view of their entire compliance posture, continuous monitoring and automated risk analysis based on customised threat and impact values. This enables organisations to assess and address issues in a proactive, efficient, repeatable and consistent manner across the entire business.

Major public sector agencies and global enterprises rely on Virtustream Viewtrust to protect their systems and customers from persistent and evolving cyber threats. Available as an on-premises software deployment, self-service SaaS or managed service model, the benefits of Virtustream Viewtrust include:

• Reduced cost and complexity of managing extensive compliance regulations. Virtustream Viewtrust continuously monitors the IT landscape, identifies potential risks to enable proactive remediation, and delivers reports and associated artifacts necessary to address regulatory oversight. Additionally, it meets industry compliance requirements such as FISMA, SOX, PCI DSS, HIPAA, ISO 27001, FedRAMP and more, in addition to adhering to GDPR requirements and custom user-defined compliance frameworks.

• Continuous monitoring of risk in spite of ever-increasing volumes of data. Viewtrust provides a scalable platform for ingesting, collecting, storing and processing sensor data such as vulnerability scans, configuration scans, logs and policies. Virtustream Viewtrust employs risk-scoring algorithms to compute risk based on asset, system, geo-location and mission criticality, ensuring that regulatory compliance control requirements are met through automated risk mitigation workflows. All information is stored in a central dashboard for end users and project management leaders’ compliance reporting needs.

• A singular, automated 360° operational view of enterprise risk and compliance. Virtustream Viewtrust automates compliance and reduces the overall cost of managing risk. The solution orchestrates a true 360° enterprise risk view by integrating reporting data from virtually any collection of existing systems, empowering enterprises with a comprehensive insight into their risk and compliance posture across physical and cloud environments whether private, public, hybrid or community clouds.

• Built-in audit package document generation and management capabilities. Viewtrust provides numerous predesigned and formatted templates designed to align with industry requirements for auditing and compliance. Workflow-based automation manages the complete audit package lifecycle from initiation to validation to certification and accreditation. Templates can also be customised to exact client specifications to create comprehensive risk management reports to meet unique regulatory and enterprise needs.

• Integration with DISA eMASS. Viewtrust integrates directly with the US Government’s Defense Information Systems’s Agency’s (DISA) Enterprise Mission Assurance Support Service (eMASS) application enabling Information Assurance (IA) teams to automate the publication of compliance statements, assessments, artifacts and Plan of Action and Milestones (POA&M) into eMASS. Viewtrust automation significantly reduces the time spent completing steps three and four of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), and thus significantly reduces the time spent documenting the compliance requirements of federal agencies.