EMERGING TECHNOLOGY, CYBERSECURITY
Prnewswire | April 04, 2023
Appian today announced it has completed the Infosec Registered Assessors Program (IRAP), which allows the company to provide cyber security assessment services to Australian government agencies and help them to securely automate their most critical processes.
"Appian has a long history of supporting our global base of government customers in heightened security environments. Our IRAP assessment demonstrates our commitment to the Australian public sector and provides additional confidence in using the Appian Platform for their most mission critical business processes," said Jason Adolf, Industry Vice President, Appian.
The certification adds to four other new global security certifications for Government achieved in March this year, as well as Appian Protect, which is a new set of security offerings providing trusted data monitoring and end-to-end encryption for cloud and mobile applications, and a whole host of industry-leading compliance accreditations achieved globally.
Appian Protect gives Appian customers increased control over their security posture, with top-tier encryption capabilities, 24x7x365 monitoring, and defense-in-depth data protection.
"Appian is committed to providing the most trusted platform for complete process automation," said Luke Thomas, Area Vice President Asia Pacific & Japan at Appian. "With our enhanced security offerings, Appian now meets the most rigorous Cloud security and compliance requirements of financial services, healthcare and government agencies."
Appian Protect provides access to security features embedded in the Appian Platform, including:
Data Loss Prevention (DLP) that alerts on or blocks abnormal user behavior
Monitoring with security orchestration and automated response (SOAR)
Real-time intrusion detection and monitoring
Comprehensive antivirus scans
Enterprise-ready authentication and authorisation with single sign-on (SSO)
Integration authentication
Inbound web API authentication
Row-level data fabric security with user access preview
Appian has a long history of partnering with Government bodies around the world, dating back to its foundation work in the early 2000s with defense and security agencies.
"Appian has an established track record of leading the industry in how sensitive and regulated data is handled, and in easing the burden for organisations needing to prove regulatory compliance," said Michael Beckley, CTO and Founder, Appian. "Our investment in Appian Protect furthers our commitment to the industrial-strength security that enables our customers to achieve significant time and cost savings with confidence."
Appian's secure architecture complies with state standards and certifications including SOC 2 Type II, SOC 3, HIPAA, FDA 21 CFR Part 11, Impact Level-5 in US Federal, PCI DSS, FedRAMP, and HITRUST. Most recently, the company achieved State Risk and Authorisation Management Program (StateRAMP), Canada Protected B, UK Cyber Essentials Plus, and Spain's National Security Framework accreditations.
About Appian
Appian is a software company that automates business processes. The Appian Platform includes everything you need to design, automate, and optimize even the most complex processes, from start to finish. The world's most innovative organizations trust Appian to improve their workflows, unify data, and optimize operations—resulting in better growth and superior customer experiences.
Read More
GOVERNMENT FINANCE
PR Newswire | May 18, 2023
OneTrust, the market-defining leader for trust intelligence, introduces OneTrust Artificial Intelligence (AI) Governance, a comprehensive solution designed to help organizations inventory, assess, and monitor the wide range of risks associated with AI. As organizations use AI and machine learning (ML) to process large amounts of data and drive innovation, AI Governance provides visibility and control over data used and risks generated by AI models.
According to Gartner, "Success and scaling of AI projects require leaders to address strategies and methods related to fairness, transparency, explainability, reliability, privacy, and security."1 As the use of AI and machine learning becomes more widespread, it is essential for organizations to address the privacy, ethical, and societal risks associated with these technologies. With AI Governance, organizations can embed data ethics, privacy, and security practices by default into the use of AI across their business.
"Responsible AI is not an option, but a necessity in today's business landscape," said Blake Brannon, Chief Product and Strategy Officer at OneTrust. "AI Governance provides a comprehensive solution for managing the unique risks associated with AI, including privacy, ethical, compliance, and operational risks. Using our product, organizations can automate record keeping and risk management, ensuring transparency, fairness, and accountability in their AI systems. By implementing responsible AI practices, companies can build trust with customers, regulators, and society at large, and position their business for success in the AI-driven future."
With AI Governance, compliance teams and data scientists can better understand data use and classification, evaluate the risks, and demonstrate compliance with emerging global requirements to ensure AI is used ethically and responsibly:
Inventory: Organizations can centrally view and manage AI projects, models, and data sets both internally developed and sourced from third parties. AI Governance establishes relationships across data sets and AI models to trace the path of data from its origin.
Assess risk: Users can assess AI projects against global laws and frameworks, including the NIST AI Risk Management Framework (RMF), OECD AI Principles, and more. AI Governance, along with OneTrust Data Discovery & Governance, connects to structured and unstructured sources of data to automatically discover and classify sensitive and personal data that may drive algorithmic bias or privacy risk. Regulatory intelligence helps automate compliance workflows and risk management, and automatically generate required control mitigations and compliance documentation such as conformity assessments.
Monitor: AI Governance integrates with existing model registries and MLOps tooling to detect AI model use and changes, and sync with a centralized inventory. Teams can continually evaluate models and training data for drift, bias, fairness, accuracy, and quality with in-app alerts.
Only OneTrust provides the powerful combination of privacy and risk management solutions, built-in regulatory guidance, data discovery and classification, and AI risk management framework templates to manage the unique and broad-reaching risks posed by AI systems. The solution leverages OneTrust's deep experience in data privacy and governance, and robust tools for managing risk and record keeping for audit, compliance, and proactive trust management.
OneTrust AI Governance will be available to select, qualifying customers through the AI Governance Early Access Program (EAP). This program offers an opportunity to get an early look at the solution and provide feedback to shape its development.
About OneTrust
OneTrust is the trust intelligence cloud platform organizations use to transform trust from an abstract concept into a measurable competitive advantage. Organizations globally use OneTrust to enable the responsible use of data while protecting the privacy rights of individuals, implement and report on their cyber security program, make their social impact goals a reality, and create a speak up culture of trust. Over 14,000 customers use OneTrust's technology, including half of the Global 2,000. OneTrust currently ranks #24 on the Forbes Cloud 100 list of top private cloud companies in the world and employs over 2,000 people in regions across North America, South America, Asia, Europe, and Australia.
Read More
CYBERSECURITY
Globenewswire | April 13, 2023
ID.me, the secure digital identity network, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership. Under the agreement, Carahsoft will serve as ID.me’s Master Government Aggregator®, making its identity solutions and expansive pre-verified network available to the Government through Carahsoft’s reseller partners, GSA Schedule, and the ITES-SW2 contracts.
“We are excited to work with Carahsoft and its reseller partners to expand the acquisition pathways by which agencies can partner with ID.me,” said Derrick Roberts, Director of Business Development at ID.me. “With this new partnership, agencies will have greater choice in the way they procure ID.me products and services. Recognizing that Carahsoft is a leader in Public Sector technology distribution, we couldn’t be more thrilled to work with them to deliver our solutions to even more customers.”
ID.me helps agencies improve security, end-user experience, and equitable access for online services by offering identity verification services and digital wallets that are conformant with Federal guidelines. ID.me increases equitable access to online services by being the only identity verification service to maintain its compliance with the NIST Federal Digital Identity Guidelines while offering three pathways to verification. Furthermore, ID.me protects agencies against fraud by providing an end-to-end suite of controls that can counter social engineering and other vulnerabilities.
“With the increased number of digital applications for Government services, agencies are in need of reliable and secure digital identity verification technology that helps them meet security and equity objectives without compromise,” said Rich Maigue, Sales Director who leads the ID.me Team at Carahsoft. “We look forward to working with our resellers to make ID.me’s products and services accessible to agencies across the Public Sector.”
ID.me’s products and services are now available through Carahsoft’s GSA Schedule No. 47QSWA18D008F, and ITES-SW2 Contract W52P1J-20-D-0042.
The dedicated Cybersecurity team at Carahsoft specializes in providing Federal, State and Local Government agencies and Education and Healthcare organizations with security solutions to safeguard their cyber ecosystem.
About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, Geospatial Intelligence, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles.
About ID.me
ID.me provides identity verification, authentication, and community affiliation for 102 million users, enabling access to more than 620 client partners, including 14 federal agencies and 35 state agencies. ID.me's omnichannel, consumer-centric model of identity improves user experience, makes existing workflows more efficient, increases equitable access for underserved populations, and promotes trust in online transactions. It accomplishes these by making secure, high-assurance identity verification portable across its network of users and supported organizations – one secure login for a user’s digital life. Companies and government agencies can have increased access and increased security without compromise. ID.me’s model also puts users in control of their data, helping companies and government agencies meet their privacy objectives as well. To promote security of its network, ID.me meets the federal standards for consumer authentication and is independently assessed to be conformant with NIST 800-63-3 IAL2 / AAL2 guidelines by the Kantara Initiative. It also holds multiple security certifications including a Federal Risk and Authorization Management Program (FedRAMP) Moderate Authority to Operate (ATO), SOC 2 Type II, and ISO27001:2013. ID.me strives towards its mission of "No Identity Left Behind" to enable all people to have secure access to online services.
Read More