This content is part of the Essential Guide: Security Readers' Choice Awards 2013
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Best of policy and risk management 2013

Readers vote on the top policy and risk management products in 2013: IT governance, risk and compliance products, and configuration management.

Gold: IBM Tivoli Compliance Insight Manager, IBM Corp.

Readers awarded the gold medal to the IBM Tivoli Compliance Insight Manager software in the policy and risk management category, declaring it "excellent." While the product outscored the competition for ease of installation, configuration and administration, it also earned accolades for effectively identifying security risks and policy violations. Overall, the software earned noteworthy scores in all areas of the category.

This compliance software provides a security overview with automated, enterprise-wide monitoring. It features automated user activity monitoring with dashboards and reporting to help you manage your security compliance. The software is also designed to monitor and audit privileged users for databases, applications, servers and mainframes; translate captured native audit log data into easily understood language and efficiently collect, store, investigate and retrieve logs through automated log management. It integrates with IBM identity management and other security products to help optimize compliance and incident response, and creates custom compliance modules through an advanced report definition engine. Tivoli Compliance Insight Manager runs on the Windows OS.

Readers threw their support behind IBM Tivoli Compliance Insight Manager, proclaiming it to be "a great deal."

Expert market reflection on category dynamics:

"In the area of risk management, we are starting to see advanced risk analytics to analyze the impact of risk on business performance. There's also a dramatic increase in the risk assessment and monitoring of third parties. Policy management is evolving to include mapping of policies to controls, risks and regulations, with regulatory change management emerging as a critical capability to keep policies up to date."

-- French Caldwell, vice president and Gartner fellow

Silver winner:  VMware vCenter Configuration Manager, VMware Inc.

Last year's gold winner, VMware vCenter Configuration Manager, may have slipped to silver, but it still received rave reviews such as "We love it." The software is designed to automate configuration management across virtual and physical servers, workstations and desktops. Tasks such as configuration data collection, compliance assessment, patch management and OS provisioning can all be automated. VMware VCenter Configuration Manager also can be used to continuously audit the configurations of VMware infrastructure as well as Windows, Linux and Unix OSes. Compliance templates can be used to assess configuration compliance with industry and regulatory mandates such as SOX, HIPPA and PCI-DSS.

Bronze winner:  McAfee ePolicy Orchestrator, McAfee Inc.

McAfee ePolicy Orchestrator software won the bronze medal, garnering high scores for its granular and flexible policy management definition capabilities. Unifying security management through an open platform, the product offers end-to-end visibility with drillable, drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile and networks for immediate insight and faster response times. It also features real-time security status, simplified security operations and an open, extensible architecture. The real-time security status allows administrators to see critical product details in seconds and remediate security issues directly on endpoints as events are happening.

This was last published in October 2013

Dig Deeper on Risk assessments, metrics and frameworks

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.