With ever increasing regulatory requirements, guidelines and standards it's hard for businesses to ensure that they're following everything correctly. Add in the need to ensure compliance from third-party vendors too and it can become a major headache.
Cloud based security specialist Qualys is about to help streamline things by announcing the general availability of customizable questionnaires as a new addition to its suite of integrated services.
Qualys Security Assessment Questionnaire (SAQ) enables organizations to assess business processes and vendor risk by centrally capturing all relevant information, therefore reducing time and cost. In addition, this new service allows companies to demonstrate compliance against internal policies, standards and mandates such as PCI-DSS, HIPAA, COBIT and ISO 27001/2.
"Organizations must adhere to hundreds of constantly evolving regulatory requirements, standards and guidelines, and ensure that third-party vendors follow them as well," says Philippe Courtot, chairman and CEO of Qualys, Inc. "Until now the task was largely a manual process managed via email and spreadsheets. Qualys SAQ has turned a previously tedious and decentralized process into a streamlined, simple and repeatable one managed entirely online".
SAQ is a cloud-based solution that systematically gathers risk data, compliance information and evidence files. It addresses both the procedural and technical requirements of security and compliance. The package includes the ability to create custom templates by importing questions or can use out-of-the-box campaigns to assess risk and compliance requirements.
A questionnaire template can be assigned to specific users or groups. Questionnaire results can also be grouped together to simplify the management of multiple ongoing surveys. Results can be monitored via campaign progress tracking and customizable dashboards, reflecting vendor risk and compliance posture.
You can find more information and request a free trial on the Qualys website.
The company today also announced a beta app for the ServiceNow configuration management system that will automatically update the ServiceNow Configuration Management Database (CMDB) with any asset discovered by Qualys, and with up-to-date information on existing assets. This will give ServiceNow users full visibility of their global IT assets on a continuous basis.
"Every unidentified or misclassified asset and every delay in securing it invites security breaches," says Courtot. "Our highly distributed cloud-oriented architecture enables us to provide a real-time view of an organization’s global assets across on premise infrastructures, elastic cloud environments and endpoints. This seamless integration with the ServiceNow CMDB provides users full visibility of their global assets within the ServiceNow environment".
More details on this can be found on the Qualys blog.
Image Credit: pichetw / Shutterstock