Lumension moves to reduce compliance headaches with risk management solution

Lumension has launched an enhanced compliance and IT risk management solution.

The company claimed that the Lumension Risk Manager helps organisations achieve a lower compliance total cost of ownership by streamlining the IT audit processes, harmonising controls with policy requirements and offering expanded automated assessment and remediation capabilities.

Mike Wittig, president and chief technical officer of Lumension, claimed that compliance has become a four-letter word for many security practitioners as it conjures up visions of late nights spent poring over data points and audit profiles to ensure that their organisation is fully compliant with the overwhelming number of IT compliance-related mandates that exist today.

“Our vision with Lumension Compliance and IT Risk Management and a main driver behind our acquisition of Securityworks this past spring, is to provide our customers with the technology they need to make their IT compliance and risk management processes more manageable, automated and repeatable,” said Wittig.

“With LCRM, our customers will gain the necessary visibility between operational endpoint security and strategic IT risk that's required for a better connected, smarter run, more efficient and more business-centric IT organisation than ever before.”

Lumension claimed that the key benefits of the risk manager are its ability to reduce external audit resources, as it provides IT organisations with a comprehensive compliance and IT risk management framework where IT resources are associated with critical business interests. Also, harmonised controls are established to meet multiple compliance and policy mandates.

Andrew Clarke, senior vice president international at Lumension Security, claimed that it will allow ‘organisations to put the solutions within their environment that needs to manage technologies to help address risk'.

Clarke said: “Organisations are spending three to four times more than they need to just to collect evidence. People need to prioritise what they need to know what is in the business, so they go out and identify access in IT to understand anything that is classified as an asset.

“Companies need a repository of information, if it is an issue of how many standards they need to comply with then how do the controls relate to the organisation? Business is driven to advice on compliance but in a scalable way, we've created a process that automates the cycle that puts information back into the assessment that is run whenever it is needed. It is about efficiency of the business.”

Sign up to our newsletters