AvePoint Compliance Guardian Service Pack (SP) 1 raises the level of capabilities of the platform to not only work for current technologies, but to be so adaptive that it can work with content and content management systems wherever they exist and however the content is served. This becomes important because data today can be “nomadic” and if we cannot monitor, track, and protect it as it traverses an organization’s systems and introduces unnecessary risk.
Compliance Guardian SP 1, simply put, minimizes risk, protects your customers, and your brand. Additionally, Compliance Guardian SP 1 addresses both difficult business and technology problems through innovative and programmatic approaches. A good example of this in Compliance Guardian SP 1 is that the AvePoint Testing Language (ATL) goes even further in implementing advanced pattern recognition coupled with secondary validation capability, which is designed to decrease what is commonly referred to as “false positives”. Some of the main new features in Compliance Guardian Service Pack 1 are listed in this post below.
In addition to Microsoft SharePoint 2013, Compliance Guardian now supports not only file systems, but also any system that serves its content or framework via a web server. From a file system perspective, this is very important because the capability is basically platform independent and can connect to files systems that support the usage of Universal Naming Convention (UNC) paths.
From a web server perspective, Compliance Guardian can now connect to any number of commercially available content management systems or web publishing systems like Blogger or WordPress. If data is served via an HTTP server, Compliance Guardian can test the system and content. However, web servers and web-based applications are quite dynamic, and in order to validate content it can be necessary to run through a series of steps and/or transactions to even get access to the data and systems that must be validated. Compliance Guardian handles this by delivering the ability to create and edit transactional scenarios to test the web service or application that is the target of the validation. With Compliance Guardian, you can simply use your browser as you normally would to walk through your website application, save your steps, and then play back in the platform as a way to initiate a scan – no coding or scripting knowledge is required.
Compliance Guardian SP 1 addresses assessment of risk by providing the ability to discern risk levels based on three tiers:
• Basic – raw risk based on incident
• Stepped/magnitude – the amount risk grows per incident due to type of incident
• Cost/probable loss- the dollar or weight given by risk classification
This industry-first method of automating the assignment of risk assessment based on quantitative and/or qualitative measurements makes a countermeasure assessment practicable while diminishing vulnerability. Compliance Guardian SP 1 comes with these thee core components preconfigured. To learn more about how Compliance Guardian determines risk and enables you to take the proper action upon it, please read my previous blog post.
Compliance Guardian SP 1 also features enhanced file and scan type support. This includes but is not limited to: legacy Microsoft Office formats, RTF, CHM, Visio, Star Office, JPEG, HLP, and XML WordPerfect. With full support for IFilter, customers can use third-party filter packs to support any number of open or proprietary document formats, including AutoCAD. Additionally, customers can now choose the extent to which they want to scan content in order to adjust for document store types and risk. Scan types now range from “normal” to “deep scans”.
From a test suite perspective, Compliance Guardian SP 1 includes enhanced updates for the Web Content Accessibility Guidelines (WCAG) 2.0, Privacy Basics, Australian Related Privacy Standards, and a New Site Quality Test Suite. The Site Quality Test Suite combines both framework and content quality factors to help ensure:
· Web services and content are optimized for mobile usage
· Brand quality factors are followed
· Black lists and white lists are in place for words, phrases, and URLs
· Site structure and usability framework contain no errors nor missing assets
· Search Engine Optimization (SEO) best practices are followed to support the usage and promotion of applications and/or web properties
Compliance Guardian SP 1 also features both updated and new rule types. A major highlight is the content-aware custom rule type. This enables Compliance Guardian to identify potential errors and then run enhanced and optimized processes against the vulnerability subject to validate via checksum, lookup, or other processes to confirm whether or not there is actually an error and/or threat. Compliance Guardian also has the ability to filter out known false positive patterns in the rules definitions to account for system generated pattern matches that should be ignored.
In terms of reporting, Compliance Guardian SP 1 adds a complete link validation report that provides insight to both site and document quality. Additionally, there are new quality reports like the “Page Title Error” report for usability as well as the “New Error Highlight” report for all document types, which was previously only available for HTML pages.
These are just some highlights of Compliance Guardian SP 1. Look out for additional blog posts, videos, webinars, and other content that will explore at all these features in greater detail. To learn more today, please visit our website or contact us to request a personalized demo.