BWise is an Governance, Risk Management, and Compliance (GRC) platform formerly owned and supported by Nasdaq, acquired by SAI Global in April 2019.
N/A
Forcepoint DLP
Score 8.2 out of 10
N/A
Forcepoint DLP promises to address human-centric risk by providing visibility and control everywhere your people work and everywhere
your data resides. Security teams apply user-risk scoring to focus on the events that matter most and to accelerate
compliance with global data regulations. The vendor promises these benefits: Accelerate compliance Empower people to protect data Advanced detection and controls that follow the data RESPOND…
Well suited for general compliance, multiple initiatives, and integration with TeamMate. SAP GRC Process control may be better suited for an SAP environment. Oracle GRC may be better suited for an Oracle environment. Overall, BWise is a very cost effective, and flexible solution.
It's very user friendly and easy to use. Rules can be managed on user-friendly interface web site console. For-example, violation can be release via management module. It provide prevention sensitive data against accidental data loss and compromised. Rule set sometimes work, sometimes does not work. There is no OCR feature. Forcepoint DLP tool does not have any AI feature that can learn user behavior or data and produces alarm.
Great reporting tool (uses SAP Business Objects). It is quite flexible on types of reports that can be created and supported. Also the reporting consultants are very competent and nice.
Highly customizable solution: almost everything can be tailored to an organization's needs, assessments, audits, issues, recommendations, tasks, etc. However, there's a trade-off between customization and the integration of different areas of the organization.
Increases visibility and efficiency in the organization. BWise offers centralized repositories (catalogs) that can be easily accessed and used by everyone in the organization (e.g. Process catalog, Policies and Procedures catalog, Risks, Controls, Laws catalogs, etc.). Also, the application allows findings on controls tested by Audit to be automatically reflected in controls monitored by SOX for example, without the need for SOX to retest them. So one area can leverage on the work of other areas increasing operational efficiency.
Increases integration and avoids silos. By choosing the correct design (e.g. Risk Workshops instead of Open Assessments), one area can see and benefit from another areas' work. An example was mentioned above; another would be Operational Risk area considering the results of Business Continuity, Vendor Management, Info Security, etc. assessments when carrying out theirs. Additionally, processes can be integrated: when contracting a new vendor for instance, one can include questions about data confidentiality and usage of models in the Vendor risk assessment. Answers to these could then trigger Info Sec / Model Risk assessments.
Increases accountability. Application provides full audit/change log with the type of change, name of executor, and date of change.
Easier follow-up. BWise sends automatic emails with reminders to the people required to take action on an issue, assessment, etc.
It has predominantly protected us from unauthorized parties and has provided us with better visibility and control over our data.
This software has also successfully prevented us from both malicious and accidental tasks, which are quite flexible actions when it comes to the violation of data loss prevention policies.
This product has been successful in improving compliance and even mitigating compliance violations, which further facilitated IT security.
I think there is room for improvement, as the user interface is slightly rough and difficult to adopt in the beginning. The software also hangs up at a few instances, which leads to some wasting of time and annoyance, but other than that, this software is good. The technical staff should work on the complexities for a better user experience.
Forcepoint technical support--specially for users who go with essential support--is challenging to get support on time. You need the ticket to be raised long beforehand to get support from TAC. However, in the case of enterprise support, its is not like this technical person will come on a priority basis.
However it comes with higher prices, especially for SMB, it is allowed to pay that amount for support only.
We have been fairly happy with the product and how it has worked. We have looked at other vendors for url filter and such and have not found one that meets our needs or does what we have been doing with Websense. The product has been fairly stable and we have only had a few issues in the past. We have all seen that it was one of the highest leaders from the Gartner Group Magic Quadrant for Web Gateways.
Support from Forcepoint has been lacking. When calling in with a high priority issue we rarely are able to work with a technician immediately. The queue waits are very long and when you get through there are no support engineers available and we need to wait for a call back for hours it seems.
Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than MetricStream's).
User friendly solution that makes it easy to deploy and manage. Forcepoint Data Loss Prevention very effective to protecting our valuable data on endpoints and where data lives like in the Cloud, server and on-premises disk drives and its valuable to just set policies once and start utilizing Forcepoint Data Loss Prevention solution.
The exchange of financial documents with customers creates extreme risk as data loss could result in financial and reputation damage to the customer. The cost of deploying Forcepoint is fractions of pennies compared to the potential financial impact of data loss.
There is some administrative overhead associated as false positives are inevitable, requiring a manual review and a potential loss of productivity.
