MetricStream GRC Platform to Improve IT Risk and Governance for One of the Largest Social Networking Companies

Top Quote One of the world's largest Internet and social networking companies has selected MetricStream IT-GRC Solution to secure its IT infrastructure by supporting an integrated program for IT and vendor risk management, compliance management, and policy management. End Quote
  • (1888PressRelease) September 11, 2012 - Palo Alto, California - MetricStream will help the company manage risk and control assessment workflows, automate technical control testing, enable vendor security assessments, manage compliance requirements, and collect and distribute security risk metrics.

    The company's large scale IT infrastructure comprising thousands of servers faces the challenge of constant cyber threats. The company needed a technology solution to aggregate data from different security tools used for security audits, vulnerability management, log management, and other areas. The company also wanted to automate end-to-end information security risk and compliance workflows. Another key driver for this initiative was the need to create an overarching management and reporting function that would unify and add a business context to threat and vulnerability data. This, in turn, would help the company implement a mature, risk-oriented security program.

    Recent security breaches faced by various corporations have demonstrated that cyber threats are becoming increasingly sophisticated, and are outpacing traditional IT security measures. New attack vectors are being discovered nearly every day. Simultaneously, organizational boundaries are blurring with the growing use of cloud-based applications, mobile devices, and other technologies, which broaden the attack surface and make IT risk management difficult. Cyber attacks are no longer limited to the organizational perimeter, but can extend deep within, through sophisticated attack vectors and social engineering.

    Internet-based companies need to be particularly proactive in managing information security and other IT risks in order to build a safe and well-protected platform that users can trust. Many have begun adopting measures to effectively manage cyber threats related to the cloud, social media, hacktivists, mobile devices, and other IT areas.

    MetricStream IT-GRC Solution works on top of various security tools and products. It integrates inputs from control automation and monitoring tools, such as vulnerability assessment, configuration assessment, identity and access management, and Security and Information Event Management (SIEM) tools. It then leverages this information to provide actionable "top-down" risk intelligence. This, along with the ability to manage risks related to regulatory compliance requirements and policies, makes MetricStream a one stop solution for managing enterprise and IT risks.

    About MetricStream
    MetricStream is a market leader in Enterprise-wide Governance, Risk, Compliance (GRC) and Quality Management Solutions for global corporations. MetricStream solutions are used by leading corporations such as UBS, P&G, Constellation Energy, Pfizer, Philips, BAE Systems, SanDisk, Cummins and Sonic Automotive in diverse industries such as Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government and Manufacturing to manage their risk management, quality processes, regulatory and industry-mandated compliance and corporate governance initiatives, as well as several million compliance professionals worldwide via the portal. MetricStream is headquartered in Palo Alto, California and can be reached at

  • FB Icon Twitter Icon In-Icon
Contact Information