Archer

TOOLS & INTEGRATION

Simplify your technology portfolio and get the most out of the tools you already have with integration and orchestration.

Workflow Engine Integration for Compliance (and Continuous Monitoring)

Archer helps clients go from manual compliance processes comprised of spreadsheets and Outlook calendars to automated workflows where compliance evidence is simply a by-product of performing day-to-day tasks. In short, the SMEs and related staff can go back to doing their jobs — and the evidence is created in the background and stored in a secure repository. This is done through a workflow engine (compliance management platform) integrated with your existing technologies. SMEs get notification of a task to be performed, they perform their work and the engine creates any necessary records and triggers notification to the next SME in the queue. Preventive and detective controls built into the technologies ensure that the process stays compliant and all evidence is stored and ready for your next self-certification or audit.

SIEM for Security, Operations and Compliance

A well-integrated Security Information and Event Management (SIEM) platform can be a powerful tool for both security and operations. In most cases, the challenge is getting everything connected to a single repository ---securely. Archer has deep experience integrating many technologies into a SIEM, from the Physical Access Control System (PACS) to the HR Information System (e.g. SAP, PeopleSoft) and the plant or distributed control system. This approach allows for either real-time analysis or automatic searching (mining) of all of your operational data for security, operational and compliance issues, as well as correlation between previously disparate or isolated platforms. This can be done through secure means that won’t open up additional security weaknesses in the critical systems. Get the most out of your analytics by seeing relevant data from the whole operation.

Access Management Across the Enterprise

Managing access can be challenging for any organization. Industrial companies are controlling access to a wider range of physical facilities, digital systems and information/data than most --- all with varying degrees of sensitivity or criticality. Add compliance requirements around access management and things can get complicated quickly. We can help you get automatic notices when personnel with electronic or physical access to critical areas, systems or data need to have access revoked. Know — before access in granted — if the staff have gone through any required training and/or background screens. Whether you are considering holistic approaches such as enterprise-wide user provisioning and identity management, or you are just ready to move past the loose key management programs and outdated spreadsheets, Archer can help you know immediately who has access to what and when.

Use Cases

- Technology overlap/simplification assessment
- Technology blueprint/roadmap development
- Technology and network architecture assessment
- Network segmentation and isolation for critical systems
- Analog to digital migration (modernization)
- Data transformation and migration between disparate platforms
- Industrial Internet of Things (IIoT)

Product Vendor Services

Archer provides services to technology and product vendors as well as industrial organizations. We help product vendors trying to enter the industrial technology marketplace understand the best possible approach to developing, securing and marketing their product in the industrial sectors. This includes everything from a review of the product architecture to the potential compliance impacts (or benefits).