A governance, risk, and compliance (GRC) platform that integrates risk management capabilities, enabling fund managers to assess, monitor, and mitigate risks efficiently while ensuring compliance with regulations.
Physical security devices such as biometric access controls, secure servers, and encrypted storage solutions to protect sensitive client and investment data.
More Data Privacy and Security Hardware
More Risk & Compliance ...
|
Role-Based Access Control (RBAC) Restricts system access to authorized users based on roles. |
RSA Archer supports role-based access control for granular permissions as evidenced in official documentation on user administration and access control. | |
|
Multi-Factor Authentication (MFA) Requires multiple factors to verify user identity before granting access. |
Multi-factor authentication is supported as an authentication option in RSA Archer via integration with RSA SecurID and other methods. | |
|
Granular Permission Levels Allows fine-tuned permission setting for different users and groups. |
Granular permission levels are configurable as described in Archer Suite's user and group management capabilities. | |
|
Session Timeout Automatic log-off after a period of inactivity to prevent unauthorized access. |
Session timeout features are configurable for user security in the Archer admin interface. | |
|
Single Sign-On (SSO) Integration Integration with SSO providers for unified authentication across platforms. |
Single Sign-On (SSO) integration is supported through SAML, as described in RSA Archer integration guides. | |
|
Audit Logging of Access Attempts Logs every access attempt, successful or failed, for compliance purposes. |
Audit logging of access attempts is a standard feature for compliance and auditing in Archer. | |
|
Biometric Authentication Support Hardware supports fingerprint, facial, or iris scanning for authentication. |
No information available | |
|
Remote Lockout Capability Enables the system to remotely lock hardware in case of detected threat or unauthorized attempt. |
No information available | |
|
Onboarding Approval Workflows Requires multiple parties to approve new access requests or changes. |
Onboarding approval workflows are available via Archer's configurable workflow engine for approving user access. | |
|
Access Attempt Rate Limiting Limits the number of login attempts in a given time frame. |
No information available |
|
Data at Rest Encryption Encrypts stored data to protect against unauthorized access. |
Data at rest encryption is supported and can be enforced at DB/storage layer as per RSA Archer admin/security documentation. | |
|
Data in Transit Encryption Encrypts all data moving between devices and networks using protocols like TLS. |
All data exchanged with Archer can be encrypted in transit with TLS/SSL as a deployment best practice and requirement. | |
|
Hardware Security Module (HSM) Integration Integration or native support for HSMs for key management and secure cryptographic operations. |
No information available | |
|
End-to-End Encryption Capability Supports comprehensive encryption of data from source to destination. |
No information available | |
|
Automated Key Rotation Supports scheduled or event-driven cryptographic key rotation. |
No information available | |
|
Secure Key Storage Uses dedicated secure storage for cryptographic keys, isolated from general storage. |
No information available | |
|
Self-Encrypting Drives Uses storage devices that encrypt data automatically at the hardware level. |
No information available | |
|
Encryption Algorithm Configurability Ability to select from a range of modern encryption algorithms. |
No information available | |
|
Tamper-Proof Hardware Design Hardware physically prevents and/or logs attempts to access encrypted storage. |
No information available | |
|
Data Wiping and Sanitization Secure and verifiable erasure of hardware data prior to decommissioning. |
RSA Archer provides secure deletion and sanitization options for customer data, in line with compliance requirements. |
|
Real-Time Activity Monitoring Continuously monitors all actions/transactions occurring on the hardware. |
Real-time activity/event monitoring is available through Archer's dashboard and audit functions. | |
|
Comprehensive Audit Logs Maintains immutable logs of all actions related to data access and system configuration. |
Comprehensive audit logs are inherent to Archer's compliance reporting functions. | |
|
Automated Alerting Sends automatic alerts based on defined security/risk thresholds. |
Automated alerting and notifications can be configured in workflows for risk/compliance events. | |
|
Regulatory Compliance Reporting Generates reports conforming to specific regulations (e.g., GDPR, SEC). |
Regulatory compliance reporting (e.g., SOX, GDPR) is a core Archer feature, with configurable templates and custom reports. | |
|
Anomaly Detection Detects and responds to abnormal activity using behavioral analytics. |
Archer employs anomaly detection features for risk monitoring and policy violations. | |
|
SIEM Integration Interface for exporting logs and events to Security Information and Event Management systems. |
SIEM integration for log export/sharing can be facilitated via Archer APIs and connectors. | |
|
Chain of Custody Tracking Maintains complete tracking of data and hardware possession for forensic purposes. |
Not as far as we are aware.* Chain of custody tracking is typically not an Archer core feature; focus is on digital events and user access, not physical asset tracking. | |
|
Customizable Reporting Frequency Allows administrators to define how often compliance and security reports are generated. |
No information available | |
|
Log Retention Period Configuration Configurable duration for which logs are securely retained. |
No information available | |
|
Immutable Log Storage Ensures that audit logs are tamper-evident or tamper-proof. |
Immutable log storage is available through integration with compliant storage systems and internal controls. |
|
Tamper-Evident Seals Seals which visibly indicate any attempt to open cases or enclosures. |
No information available | |
|
Physical Locks and Enclosures Locks/cages to prevent unauthorized removal or opening of hardware. |
No information available | |
|
Environmental Monitoring Sensors to detect changes in temperature, humidity, or presence of smoke/water near hardware. |
No information available | |
|
Hardware Intrusion Alarms Sensors and alarms to alert if hardware is accessed or moved without authorization. |
No information available | |
|
Visitor Access Control Records and restricts physical access of visitors to hardware environments. |
No information available | |
|
Video Surveillance Integration Supports connection to CCTV or other video surveillance systems. |
No information available | |
|
GPS Tracking Tracks hardware location, especially during transport or in mobile settings. |
No information available | |
|
Secure Hardware Disposal Processes ensuring hardware is securely destroyed or wiped after end of use. |
No information available | |
|
Physical Access Logging Maintains logs of all physical access events to hardware. |
No information available | |
|
Secure Installation Requirements Mandates installation in secure, access-controlled environments. |
No information available |
|
GDPR Compliance Meets General Data Protection Regulation standards for data privacy. |
RSA Archer is designed to support GDPR compliance (see product literature for regulatory alignment). | |
|
SOC 2 Certification Certified for Service Organization Control 2 for security, availability, confidentiality, etc. |
RSA Archer is attested to SOC 2 as per RSA compliance documents. | |
|
ISO 27001 Certification Complies with global information security management standard. |
RSA Archer supports compliance with ISO 27001 based on RSA Archer Suite documentation and positioning. | |
|
FIPS 140-2/FIPS 140-3 Validation Validates cryptographic security module per US government standards. |
Not as far as we are aware.* RSA Archer is not a cryptographic hardware appliance and is not directly FIPS 140-2/FIPS 140-3 validated. | |
|
PCI DSS Compliance Compliant with Payment Card Industry Data Security Standard if relevant. |
Archer supports PCI DSS compliance processes for relevant financial data governance. | |
|
SEC/FINRA Compliance Support Supports reporting and compliance for US financial regulatory bodies. |
SEC/FINRA compliance reporting and alignment is provided via GRC frameworks within Archer. | |
|
Customizable Compliance Policy Engine Ability to tailor controls/policies for diverse regulatory needs. |
Customizable compliance policy engine is a primary function of the Archer platform. | |
|
Automated Evidence Collection for Audits Automatically gathers and stores evidence needed for formal audits. |
Automated evidence collection for audits is achievable through Archer's workflow and reporting capabilities. | |
|
Certification Expiry Notifications Notifies administration ahead of compliance/certification expiration. |
Certification expiry notifications and similar reminders can be configured as workflow elements or alerts in Archer. | |
|
Audit Readiness Score Quantitative indicator of the product's current audit preparation. |
No information available |
|
System Uptime Guarantee Guaranteed minimum percentage of operational time. |
No information available | |
|
Mean Time Between Failures (MTBF) Predicts hardware reliability between failures. |
No information available | |
|
Self-Diagnostics Hardware runs continuous self-tests to detect faults. |
No information available | |
|
Redundant Power Supplies Multiple power supplies to reduce risk of downtime from power failure. |
No information available | |
|
Hot Swappable Components Permits parts to be changed without shutting down the system. |
No information available | |
|
Disaster Recovery Support Integrates with disaster recovery plans and external storage. |
Disaster recovery features are supported through external integration and recommended Archer deployment architecture. | |
|
Hardware Monitoring APIs Provides APIs to monitor hardware status and health remotely. |
Archer offers APIs for hardware/application health and system integration. | |
|
Firmware Update Management Supports secure, remote updates to firmware for ongoing protection. |
Firmware/software update management is part of RSA Archer platform management (especially for cloud/SaaS deployments). | |
|
Warranty Duration Duration hardware is covered under warranty. |
No information available | |
|
Rapid Spare Replacement Support Fast replacement service for failed hardware components. |
Rapid support/spare replacement is included for supported customers (applies to software platform support, hardware N/A). |
|
API Support Available APIs for integration with other risk/compliance and management software. |
Extensive API support for integration with other platforms (REST/SOAP APIs). | |
|
Standard Protocol Support Supports industry-standard protocols (e.g., SNMP, Syslog, LDAP). |
Standard protocol support for integration (e.g., LDAP for auth, REST for data, syslog via SIEM integration). | |
|
SIEM/SOAR Integration Connectivity with security orchestration and event management solutions. |
SIEM/SOAR integration is supported as evidenced by RSA and GRC deployment references. | |
|
Direct Cloud Integration Ability to connect and synchronize with cloud compliance services. |
Direct cloud integration is supported for RSA Archer On-Demand (SaaS) and cloud-native environments. | |
|
Custom Connector Capability Enables creation/adaptation of custom connectors for unique environments. |
RSA Archer allows for creation and deployment of custom connectors. | |
|
Multi-Vendor Hardware Support Operates alongside and interoperates with multiple hardware vendors. |
Supports multi-vendor environments via open integration. | |
|
Bulk Data Export/Import Can transfer historical or large data sets in/out for analysis or migration. |
Supports bulk data import/export for migration and analysis. | |
|
Integration Setup Time Average time required to integrate with other core systems. |
No information available | |
|
REST/GraphQL Interface Availability Availability of REST or GraphQL interfaces. |
Provides REST interface; GraphQL is not specified in public documentation. | |
|
Plug-and-Play Compatibility Allows rapid deployment without custom engineering. |
No information available |
|
Unified Management Console Central console for managing configuration, monitoring, and compliance. |
Archer provides a unified management console for compliance, risk, and user administration. | |
|
Multi-Language Support User interface and documentation available in multiple languages. |
Multi-language support is available, with core UI in several languages (dependent on deployment). | |
|
Customizable Dashboards Tailor admin dashboards to key metrics relevant for risk/compliance. |
Customizable dashboards for risk/compliance are a core feature of Archer. | |
|
Interactive Tutorials In-situ interactive training built into the console. |
Interactive tutorials and onboarding guidance are available in Archer documentation and some UI panels. | |
|
Role-Based Views Displays different information depending on user role. |
Role-based views are supported within RSA Archer's permission system. | |
|
Mobile Device Management (MDM) Interface Allows some management from mobile devices securely. |
No information available | |
|
Helpdesk Integration Built-in interface with support/helpdesk ticketing systems. |
Helpdesk integration is possible via APIs and tickets/workflows, and is promoted in solution architecture documentation. | |
|
Remote Management Tools Manage hardware from remote locations securely. |
Remote management and monitoring tools are a standard feature, especially for Archer SaaS/On-Demand. | |
|
User Activity Insights Analytics on hardware and platform user activity. |
User activity insights (analytics and reporting) are built into Archer's reporting functions. | |
|
Training & Certification Tracking Tracks user/admin completion of training and ongoing certifications. |
Training and certificate tracking is available as part of Archer's workflow and compliance tracking tools. |
|
Automated Incident Response Playbooks Predefined, automated responses to specific threats or compliance breaches. |
Automated incident response playbooks can be configured in Archer for common compliance events. | |
|
Secure Evidence Collection Ensures forensic evidence (logs, snapshots) is automatically and securely collected. |
Secure evidence collection for audits and incident investigations is supported. | |
|
Chain of Custody Management Tracks custody of evidence from collection to presentation. |
No information available | |
|
Incident Impact Assessment Tools Tools to quantify the risk and impact of a security compliance incident. |
Incident impact assessment tools are included for risk scoring and reporting. | |
|
Automated Containment Mechanisms Isolate affected hardware or systems automatically upon incident detection. |
Automated containment mechanisms (such as workflow-driven incident isolation) can be configured. | |
|
Integrated Case Management Links evidence, actions, and outcomes in case files. |
Integrated case management is a major feature in the Archer platform. | |
|
Forensic Snapshot Takes cryptographically accurate, timestamped snapshots of system state. |
No information available | |
|
Incident Response Readiness Assessment Quantitative readiness score for incident response. |
No information available | |
|
Automated Notification to Authorities Built-in workflows for reporting significant incidents to regulators or stakeholders. |
Automated notifications to authorities/regulators can be implemented via Archer workflows. | |
|
Remediation Guidance Library Detailed guidance for remediating detected compliance/security incidents. |
Remediation guidance library can be created within Archer's knowledge base and incident response modules. |
|
Clustered/Distributed Deployment Support Hardware can be deployed as part of clusters or distributed geographically. |
Clustered and distributed deployment is supported through scalable deployment architectures. | |
|
Modular Expansion Capability Enables incremental hardware upgrades without full replacement. |
Modular expansion (adding additional Archer modules) is supported. | |
|
Supported Maximum Concurrent Users Maximum number of users/devices hardware can support simultaneously. |
No information available | |
|
Automated Load Balancing Dynamically distributes system load to prevent bottlenecks. |
Automated load balancing is achievable at the application/server level when Archer is deployed in enterprise environments. | |
|
Automated Deployment Tooling Tools/scripts for rapid and standardized deployment across environments. |
Automated deployment tooling is provided for Archer On-Demand and supported on-premise installations. | |
|
Zero-Touch Provisioning Hardware auto-configures with minimal manual intervention. |
Zero-touch provisioning options available in Archer SaaS/On-Demand editions. | |
|
Resource Allocation Flexibility Assign and re-assign hardware resources to varying workloads. |
No information available | |
|
Multi-Tenancy Support Securely supports multiple organizational units or clients on a single hardware platform. |
Supports multi-tenancy for organizations with multiple sub-entities. | |
|
High Availability Clustering Ensures continuous operation with minimal failover time. |
High-availability (HA) clustering is supported through recommended deployment patterns. | |
|
Deployment Time Average time required for initial hardware deployment. |
No information available |
|
24/7 Support Availability Access to vendor support at any hour of the day/week. |
24/7 support is available for Archer SaaS and on-premise enterprise customers. | |
|
Transparent Vulnerability Disclosure Policy Vendor offers a clear and prompt channel for security vulnerability disclosures. |
RSA maintains a vulnerability disclosure policy for Archer and related products. | |
|
Regular Security Patch Releases Vendor provides ongoing security patching with a documented schedule. |
RSA provides regular security patch releases and maintains a patch schedule. | |
|
Service Level Agreement (SLA) Formal SLA outlining response and resolution times for issues. |
Service Level Agreements (SLAs) are standard for Archer SaaS and support contracts. | |
|
Signed Commitment to Data Privacy Vendor contractually commits to data privacy in contracts. |
RSA contractually commits to data privacy for Archer customers. | |
|
Onsite Support Option Availability of support technicians to visit physical hardware locations. |
Onsite support is an option for enterprise Archer customers. | |
|
User Community Portal Has an open user/support community for shared knowledge and peer assistance. |
RSA Archer has detailed support and user community forums (RSA Link/Archer Community). | |
|
Transparency of Sub-Processors Vendor discloses all subcontractors and third parties involved. |
RSA provides a list of sub-processors and partners in their transparency documentation. | |
|
Proactive Risk Advisory Bulletins Vendor issues advisories for emerging risks before direct impact. |
RSA Archer customers receive risk advisories and notifications from the vendor. | |
|
Support Ticket Average Response Time Average time for first response on submitted support tickets. |
No information available |
This data was generated by an AI system. Please check
with the supplier. More here
While you are talking to them, please let them know that they need to update their entry.