ServiceMax’s focus on cyber-resilience is part of a broader approach to digital risk management. The goal is not only to detect and respond to cyber-attacks, but also ensure that the enterprise is able to survive and recover quickly following an attack. Furthermore, the approach consists of holistically looking at internal processes, procedures and technical implementations that if not managed appropriately, can impact confidentiality, integrity, availability, privacy and security. To that end any ServiceMax program that can systematically cause disruption to our Customers falls within this umbrella. The program consists of sub-programs pertaining to managing deficiencies across the enterprise and products, operational and security incident response, business continuity and disaster recovery, as continuous assessments. Cyber Resilience, therefore, is one of ServiceMax’s core imperatives and one that is continuously measured and improved upon.
ServiceMax continuously monitors its environment for anomalies and suspicious events that may require incident response. ServiceMax’s Incident Response Program, includes on-going training, table-top exercises, pen testing, vulnerability management, and threat intelligence, which come together to ensure the Program has all the required touchpoints in order to address a potential incident and recover quickly. ServiceMax incident responders handle end-to-end coordination with stakeholders for swift deterministic notification, investigation, forensics, and close-out.
Vulnerability and Configuration Management
At ServiceMax vulnerability management program exceeds industry standards with a disciplined and pragmatic approach. The program identifies vulnerabilities that may affect the platform and performs rapid remediation and mitigation to reduce other exposure to such vulnerabilities. The program maintains a network of recognized security researchers dedicated to continually evaluating the platform for vulnerabilities and identifying potential threats. The integration between the cyber research team and vulnerability management functions enables the rapid and focused remediation of critical issues to ensure that the platform is secure.
The cornerstone of a successful Cyber Resilience program is stress testing the environment to identify weaknesses and address them quickly. ServiceMax products and services undergo ongoing penetration testing to identify areas where business risk may exist. Considering attack vectors, a highly specialized team of researchers and pen testers carry out test scenarios, and a process is in place to address any findings quickly. This continuous level of assessment provides the validation required for ServiceMax to instill confidence in our Customers that Products and Services are highly resilient to cyber attacks.
Business Continuity and Disaster Recovery
Beyond Security, ServiceMax also considers Business Continuity (BC) and Disaster Recovery (DR) as critical elements of its business operations. Much like data breaches and other security incidents, adverse events ranging from technical issues and natural disasters to mechanical failure or human error can disrupt Customers and their ability to continue with their digital transformation journey. As a result, ServiceMax has a proactive BC and DR strategy that will ensure its product and services stay up and running in the event that certain elements are unavailable for any length of time. The associated processes and procedures supporting BC/DR are tested regularly in order to ensure their effectiveness. There are three main elements to the ServiceMax BCP/DRP and they include conducting an Asset Business Impact Analysis, a Recovery Strategy, 和计划注意事项. Leveraging industry standard procedures, ServiceMax ensures that its BCP/DRP can successfully support one of its core imperatives –Cyber Resiliency.