RSA Archer - A Straight Shot Review
June 08, 2016
RSA Archer - A Straight Shot Review
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with RSA Archer
As an Archer consultant, I work with many different types of organizations who are deploying Archer for the first time, or are looking to build upon its capabilities. I have seen instances where it is leveraged both organization wide, or just for a particular department. Archer excels at introducing efficiency to any type of business process, from managing enterprise risk, to tracking non-IT incidents, to implementing a robust vulnerability management program.
- Introduces efficiency in business processes to reduce cost.
- Automation which reduces time and errors.
- An incredible amount customization capability for the platform.
- Archer is not great at getting data and/or reports back out. There are different options and sometimes they meet the requirements, but often times they come up short.
- Documentation for administrators could be more in depth.
- Archer certainly provides ROI by introducing efficiency in processes, reducing time for tasks, and reducing errors.
- Archer workflow, notifications, and reporting provide a method of highlighting important information and notifying users when it is their time to take action.
- I have seen individuals, especially in an environment working with Policy Management, Compliance Management, C&A, etc., where they spend so much time collecting data and drafting documentation that they are not actually able to contribute to the improvement of the organization. With Archer, those pain points can be alleviated, and those individuals can get back to work and make real changes.
- eIQ Securevue and MetricStream
It has been roughly 5 years since I have seen Securevue, so a lot can change, but to me it felt like several products were purchased and an attempt was made to piece them all together into a single solution (and I believe that may have been true). It also required agents on endpoints which did not fit the model I believed customers were looking for. MetricStream appeared to be difficult to install as it took their own engineers some time to get it installed in my lab environment. I did not think their web interface was as intuitive as RSA Archer. Customization to the platform was possible to some degree, but required a lot more work and technical skills than required by Archer. I did like the landing page for MetricStream which called out the important action items for the current user, but Archer v6.X now has this feature.