Symantec announced Version 10.5 of its Symantec Control Compliance Suite,
the company’s automated solution to help companies identify and manage risk and
compliance issues.
The Control Compliance Suite lets users integrate data on risk and
compliance from disparate systems into Web-based dashboards. New features
include workflow integration with Symantec Data Loss Prevention that lets IT
departments target security training at individuals who have violated policies
to educate them on the security risks they face.
"Organizations with the best insight into IT risks have the ability to
sort through thousands of IT issues on a daily basis and prioritize remediation
efforts to focus on protecting their most critical assets and data first,"
said Jim Hurley, managing director of the IT Policy Compliance Group, in a
statement.
The new version of CCS expands on the solution’s ability to integrate data
into dashboard panels with out-of-the-box connectors to collect security
awareness survey results from the Symantec Control Compliance Suite Response
Assessment Manager. Future versions will be able to integrate even more data,
including information on critical vulnerabilities, security threats and
real-time file integrity monitoring, the company said.
Version 10.5 also incorporates built-in support for the new Security Content
Automation Protocol (SCAP) benchmarks, which provide organizations with a
standardized approach to security checks and reporting across multivendor
solutions.
"The compliance environment is changing very rapidly, so I think we
need our vendors like Symantec to keep up, and I think Symantec has done a very
good job of building product and staying ahead of that curve," says
Jonathan Dambrot, CISSP managing director for Prevalent Networks, a Warren,
N.J.-based solution provider.
Prevalent has created several of its own components to enhance CCS,
including policy and bandwidth assessments, and Dambrot thinks the improvements
Symantec has made are moving the product in the right direction, especially in
its ability to integrate across multiple vendors.
"Symantec is really recognizing that we’re agnostic and want to be able
to provide value with whatever technology you’re using and give you visibility
across your technology platforms. I think Symantec has made some investments in
really making sure that architecture allows for that capability," he says.