|
Products
and Services
Introduction
| Policy
Management System |
Compliance Consulting
Compliance Tools |
Compliance
Monitoring
Compliance Tools
A common need in
the regulatory compliance environment is to ensure adequate data
security over computerized assets. Totally Compliant has arranged to
resell and integrate several best-in-class solutions that support data
security and disaster recovery compliance.
Policy
Management System
The Command Center™ product from META Security Group is a
comprehensive tool that provides a policy structure, a set of Standards
to implement policy, and can refer to Technical Procedures specific to
individual technologies or platforms. It also provides a way to ensure
that policies are read and agreed-to within an organization.
It has a Vulnerability Management module which allows
that tracking in a real-time basis of specific system vulnerabilities
that would affect the technologies that exist within an organization.
Emerging vulnerabilities are matched to installed component profiles and
appropriate notification and patch delivery takes place. The
Policy Management
page fully describes the capabilities of Command Center™
Simply Scan
Simply Scan provides a hosted disaster recovery solution
for data. Through a simple browser interface, it allows the scanning or
sending of critical/sensitive data to an off-site, secure location for
later retrieval and use. It provides access security to that data, and
ensures it is always stored encrypted, so that the hosting site cannot
ever read or access the data.
Simply-Scan is a powerful web hosted application. Using
robust data centers for application hosting along with industry-leading
file storage technology and encryption, Simply-Scan delivers performance
and security. There's no capital expense, no server hardware or
software, no installation, no long connect times and no maintenance.
When you put Simply-Scan to work, you'll have access to your documents
24 hours a day, 7 days a week from ANY web-connected device, allowing
you to store, manage and share files securely over the Internet. All
you need is the Internet and a web browser.
Administration of Simply-Scan is a breeze. You simply
create your account, authorize individual users and groups of users, and
define the levels of access to folders and documents. Users will find
it quick and easy to create cabinets and folders and start storing,
managing and sharing files using Simply-Scan. The interface follows
common desktop conventions for exploring and managing files, making
adding or deleting files and other functions as easy as pointing and
clicking. Users of Simply-Scan can easily locate files using its
powerful search capabilities. Viewing and printing of files is equally
straight-forward because Simply-Scan supports an unlimited amount of
file formats and provides numerous output options.
Automated
Business Impact Analysis
The Automated Business Impact Analysis is a web-based
questionnaire which can prioritize business processes or computer
applications for criticality. It is used to codify the requirements for
disaster recovery or security, and provides a consistent process to
determine priority.
The product is a web-based tool to guide and document a
Business Impact Analysis, which is a standard approach toward
prioritizing computer, network and application systems preparatory to
planning for business continuity or disaster recovery. In a typical
situation, a questionnaire is devised, usually with the help of outside
consultants, and then a team comprised of business users and computer
specialists will answer, weight and score the results. The resultant
scores are then arrayed in order or are pointed to coded priority
rankings that determine the recovery priority in case of disaster. The
process provides an objective focus to deal with the realities that
immediate disaster recovery of all resources is impossibly costly and
not realistic.
The user is presented with a web-form questionnaire, in
which he or she is asked to define the application or system, provide
some basic data about who “owns” it, who supports it, where it is
processed and what systems feed it as well as are dependent on it. Then
a series of questions are asked, with drop down or fill in the blank
answers. The questions are grouped into categories, such as Operational
Impact, Financial Impact, Regulatory Impact, etc. The focus is to
determine the impact if the particular application or system were not
available for a defined period of time. The answers may get into
quantitative detail, as “what is the loss of revenue per day?”, which
require a business knowledge of the purpose and use of the application.
Therefore, usually the questions are answered by teams of people, or are
shipped back and forth by email, to solicit the most appropriate answer
to difficult questions.
Once
answered, the questions are then automatically analyzed and scored.
All the scores in a particular category are totaled. The results
are “normalized” against a rating system that is tailored to each
organization, based on parameters put in place during the installation/setup
phase.
|
