Symantec's New IT Policy Compliance Offering

by CXOtoday Staff    Aug 17, 2006

Symantec Corp. has announced an upgrade to a by-control portfolio of products - Symantec Control Compliance Suite. It is aimed at reducing cost and complexity of IT policy compliance, so that automated assessment of policies against industry regulations, standards and best practices can be done.

The suite’s new data gathering functions - agentless reporting and database discovery will offer a solution for IT control compliance reporting across platforms.

The company said that more than 4,000 customers have Symantec Control Compliance Suite components installed for governing their IT compliance posture and detecting drifts from secure baselines, identifying accounts with blank passwords, and notifying organizations as and when administrative accounts receive new members.

Symantec said that this would offer auditing capabilities with ready-to-run reports using customization options and audit creation in each environment to improve internal and external audits.

The functionality will streamline compliance with regulations as Sarbanes-Oxley, FISMA, or HIPAA, and reduce costs of doing regular audits. This will allow customers to produce “Evidence of Review” reporting to facilitate management review of access controls as mandated by Sarbanes-Oxley and other regulations which prove that privilege grants will conform to access needs.

The new suite would track compliance in IT controls related to important regulations and frameworks, and would provide efficient means for assessing compliance of control systems based on custom mappings between technical standards and frameworks and regulations.

Customers are offered powerful closed-loop identification and resolution to find and eliminate security vulnerabilities. In addition, IT administrators can establish baseline configurations for all major operating systems by creating a custom technical standard or building a reference template from pre-existing internal standards.

Technical Standard Packs are available for the following operating systems and applications: Windows, UNIX, Linux, NetWare, SQL Server, Oracle, and Exchange.

The new suite is a key component of Symantec’s IT Policy Compliance solution, which offers customizable products and services designed to help customers define, control, and govern their IT compliance initiatives.

The Symantec Control Compliance Suite 8.2 is currently available through a network of value-added resellers, distributors and systems integrators.