RiskRecon Own Enterprise Monitoring Free Limited

The RiskRecon Own Enterprise Monitoring Free Limited Integration, powered by RiskRecon, delivers transparent security measurements, analytics, and analyst-level insight to dramatically improve your Own Enterprise Monitoring risk management program. It provides organizations with visibility and their cyber risk posture. Own Enterprise Monitoring discovers and analyzes each company’s IT footprint using artificial intelligence (AI) to automatically measure the value of each asset.

On this page

Release notes

Release Version

Published Date

Notes

Archer 6.12

July 2024

Resigned JavaScript file

Archer 6.12

September 2022

Initial Release

Overview of RiskRecon Own Enterprise Monitoring Free Limited Integration

Key features and benefits

  • Obtain on-demand assessments of your organization's overall security practices.

  • Gain objective insight into your security performance and IT landscape.

  • Continuously monitor security performance.

Important: This document refers to Archer Own Enterprise Monitoring, powered by RiskRecon. If you have previously obtained a RiskRecon product license and would like to take advantage of the functionality offered by this integration, you can use your RiskRecon license and complete the instructions in this guide to enable communication between Archer and your RiskRecon product. You do not need to also license Archer Own Enterprise Monitoring. However, you must have licenses for each of the prerequisite Archer use cases listed in this guide to make use of the functionality provided by this integration.

Prerequisites (ODA and system requirements)

Components

Prerequisites

Archer Solution Area(s)

N/A

Archer Use Case(s)

N/A

Archer Applications

Company

Uses Custom Application

No

Requires On-Demand License

No

Archer Requirements

Archer 6.12 and later

Partner/Vendor Requirements

Valid License is required

RiskRecon Own Enterprise Monitoring Free Limited Integration components

Use case components

This section contains high-level use case design information.

Applications

Application

Description

Company

The Company application stores general, financial, and compliance information at the company level. Combined with the Division and Business Unit applications, this application supports roll-up reporting of governance, risk, and compliance initiatives across the enterprise.

Data feeds

Data Feed

Description

OEM Company 6.12 Freemium JST

The OEM Company 6.12 Freemium JST data feed is a JavaScript Transporter feed that imports overall scores from Third Party Security Risk Monitoring. The data feed is preconfigured to update Company records when Third Party Security Risk Monitoring performs new scans.

Configuring RiskRecon Own Enterprise Monitoring Free Limited Integration

Before you begin 

This section provides instructions for configuring the RiskRecon Own Enterprise Monitoring Free Limited Integration, powered by RiskRecon, with the Archer Platform. This document is not intended to suggest optimum installations or configurations.

It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products to install the required components.

Important: The integration described in this guide is being provided as a reference implementation for evaluation and testing purposes.  It may or may not meet the needs and use cases for your organization.  If additional customizations or enhancements are needed, it is recommended that customers contact Archer Help for assistance.

Obtain the API key for Own Enterprise Monitoring Free Limited

You must obtain an API key prior to configuring the data feeds. To obtain a key, contact your Archer account representative.

This API key is used when defining custom parameters for the OEM Company 6.12 Freemium JST data feed. For example, see Import the OEM Company 6.12 Freemium JST Data Feed.

Configuring Archer

Before you import the Own Enterprise Monitoring data feeds, you must ensure that all prerequisite steps have been completed.

Installing the package

The following tasks detail how to import and install the latest Own Enterprise Monitoring Free Limited package.

Task 1: Back up your database

There is no undo function for package installation. Packaging is a powerful feature that can make significant changes to an instance. Archer strongly recommends that you backup the instance database before installing a package. This process enables a full restoration if necessary.

An alternate method for undoing a package installation is to create a package of the affected objects in the target instance before installing the new package. This package provides a snapshot of the instance before the new package is installed, which can be used to help undo the changes made by the package installation. You must manually delete new objects created by the package installation.

Task 2: Import the package

  1. From the menu bar, click Admin menu > Application Builder > Install Packages.

  2. In the Available Packages section, click Import.

  3. Click Add New, then select the package file that you want to import.

  4. Click OK.

The Available Packages section displays the package file and is ready for installation.

Task 3: Map objects in the package

Important: This step is required only if you are upgrading to a later version of [ODA name].

  1. From the menu bar, click Admin menu > Application Builder > Install Packages.

  2. In the Available Packages section, select the package you want to map.

  3. In the Actions column, click Analyze for that package.

The analyzer runs and examines the information in the package. The analyzer automatically matches the system IDs of the objects in the package with the objects in the target instances and identifies objects from the package that are successfully mapped to objects in the target instance, objects that are new or exist but are not mapped, and objects that do not exist (the object is in the target but not in the source).

Note: This process can take several minutes or more, especially if the package is large, and may time out after 60 minutes. This time-out setting temporarily overrides any IIS time-out settings set to less than 60 minutes.

  1. When the analyzer is complete, the Advanced Package Mapping page lists the objects in the package file and corresponding objects in the target instance. The objects are divided into tabs, depending on whether they are found within Applications, Solutions, Access Roles, Groups, Sub- forms, or Questionnaires.

On each tab of the Advanced Mapping Page, review the icons next to each object to determine which objects you must map manually.

Icon

Name

Description

Awaiting mapping review

 

 

 

Awaiting Mapping Review

Indicates that the system could not automatically match the object or children of the object to a corresponding object in the target instance.

Objects marked with this icon must be mapped manually through the mapping process.

Important: New objects should not be mapped. This icon should remain visible. The mapping process can proceed without mapping all the objects.

Note: You can run the mapping process without mapping all the objects. The Awaiting mapping reviewicon is for informational purposes only.

Checkmark

 

Mapping

Completed

Indicates that the object and all child objects are mapped to an object in the target instance. There are no further steps required with these objects in Advanced Package Mapping.

Missing objects

 

 

Do Not Map

Indicates that the object does not exist in the target instance, or the object was not mapped through the Do Not Map option. These objects will not be mapped through Advanced Package Mapping and must be remedied manually.

Undo

Indicates that a mapped object can be unmapped. This icon is displayed in the Actions column of a mapped object or object flagged as Do Not Map.

  1. For each object that requires remediation, do one of the following:

    • To map each item individually, on the Target column, select the object in the target instance to which you want to map the source object. If an object is new or if you do not want to map an object, select Do Not Map from the drop-down list.

      Important: Ensure that you map all objects to their lowest level. When objects have child or related objects, the parent object provides a drill-down link. You must map child objects before parent objects. For more details, see "Mapping Parent/Child Objects" in Archer Help.

    • To automatically map all objects in a tab that have different system IDs but the same object name as an object in the target instance, do the following:

    1. In the toolbar, click Auto Map.

    2. Select an option for mapping objects by name.

      Option

      Description

      Ignore case

      Select this option to match objects with similar names regardless of the case of the characters in the object names.

      Ignore spaces

      Select this option to match objects with similar names regardless of whether spaces exist in the object names.

    3. Click OK.

      The Confirmation dialog box opens with the total number of mappings performed. These mappings have not been committed to the database yet and can be modified in the Advanced Package Mapping page.

    4. Click OK.

  • To set all objects in the tab to Do Not Map, in the toolbar, click Do Not Map.

Note: To undo the mapping settings for any individual object, in the Actions column, click Undo.

When all objects are mapped, the Checkmark icon is displayed in the tab title. The Missing objects icon is displayed next to the object to indicate that the object will not be mapped.

  1. Verify that all other objects are mapped correctly.

  2. (Optional) To save your mapping settings so that you can resume working later, see "Importing and Exporting Mapping Settings" in Archer Help.

  3. Once you have reviewed and mapped all objects, click Execute.

  4. Select I understand the implications of performing this operation and click OK.

The Advanced Package Mapping process updates the system IDs of the objects in the target instance as defined on the Advanced Package Mapping page. When the mapping is complete, the Import and Install Packages page is displayed.

Important: Advanced Package Mapping modifies the system IDs in the target instance. You will need to update any Data Feeds and Web Service APIs that use these objects, with the new system IDs.

Task 4: Install the package

All objects from the source instance are installed in the target instance unless the object can not be found or is flagged to not be installed in the target instance. The Log Messages section provides a list of conditions that may cause objects not to be installed. The Package Installation Log section displays a log entry.

  1. From the menu bar, click Admin menu> Application Builder > Install Packages.

  2. In the Available Packages section, locate the package file that you want to install, and click Install.

  3. In the Selected Components section, select the components of the package that you want to install.

    Note: Items in the package that do not match an existing item in the target instance are selected by default.

  1. Click Lookup.

  2. For each component section, do the following:

    Note: To move on to another component section, click Continue or select a component section in the Jump To drop-down menu.

    1. In the Install Method drop-down menu, select an install method for each selected component.

      Note: If you have any existing components that you do not want to modify, select Create New Only. You may have to modify those components after installing the package to use the changes made by the package.

    2. In the Install Option drop-down menu, select an install option for each selected component.

      Note: If you have any custom fields or formatting in a component that you do not want to lose, select Do not Override Layout. You may have to modify the layout after installing the package to use the changes made by the package.

  1. Click OK.

  2. To deactivate target fields and data-driven events that are not in the package, in the Post-Install Actions section, select the Deactivate target fields and data-driven events that are not in the package check box. To rename the deactivated target fields and data-driven events with a user-defined prefix, select the Apply a prefix to all deactivated objects check box, and enter a prefix. This can help you identify any fields or data-driven events that you may want to review for clean up post-install.

  3. Click Install.

  4. Click OK.

Task 5: Review the package installation log

  1. From the menu bar, click Admin menu > Application Builder > Install Packages.

  2. In the Package Installation Log tab, click the package that you want to view.

  3. In the Package Installation Log page, in the Object Details section, click View All Errors.

    Note: To view individual logs, in the Errors column of the log you want to view, click the Failures link or Warnings link. Clicking View All Errors, Failures, or Warnings opens the specific errors on a different page.

  4. Click the Export icon to export the log file.

  5. Click Close.

Inserting the domain name for Own Enterprise Monitoring Free Limited

Once you have obtained the domain name for your company, you must insert it in the corresponding Company record before you import and run the data feed. To insert the Domain Name in Archer, perform the following steps:

  1. Login to your company Archer instance.

  2. Go to the Company record.

    1. From the menu bar, select IT Security Risk Management.

    2. Under Solutions, select IT Asset Catalog.

    3. Under Applications, select Company.

  3. Select the Company for which you obtained the Domain Name.

  4. Click Edit.

  5. In the General Information tab, insert the Domain Name in the Domain Name field for respective company.

  6. Click Save and Close.

  7. Repeat steps 2-6 for each company you wish to monitor.

Set up the Own Enterprise Monitoring Free Limited data feed

The Own Enterprise Monitoring Free Limited use cases contain one data feed:

  • OEM Company 6.12 Freemium JST.dfx5

Import OEM Company 6.12 Freemium JST data feed

  1. Login to your company Archer instance.

  2. Navigate to Data Feeds under Integration within the Administration menu.

  3. Locate and select the OEM Company 6.12 Freemium JST data feed.

  4. Verify settings in the General tab.

    1. In the General Information section, set the Status field to Active.

    2. In the Feed Information section, , confirm that the Target field is set to Company.

  5. Click the Transport tab.

  6. In the Transport section, in the Transport Method field, verify JavaScript Transporter.

  7. In the Transport Configuration section, click Upload.

    1. Locate and select the “Signed_RiskReconFreemium_API_1.0.2.js” JavaScript file.

  8. In the Custom Parameters section, enter the following key values:

Key

Type

Value

apiKey

Protected

[insert the API Key obtained from your Archer account representative]

archerUrl

N/A

[insert the URL of your Archer instance]

archerInstance

N/A

[insert the name of your Archer instance]

archerUser

N/A

[insert user account name that has read access to all Company records]

archerPass

Protected

[insert password for the archerUser account name]

ownEnterprise

N/A

True

archerReportGUIDOE

N/A

[insert the report GUID for “Own Enterprise Freemium - Companies to Track”]

archerKeyFieldGUIDOE

N/A

[insert the field GUID for “Domain Name” from the Company application]

  1. The following additional parameters are valid options for the Custom Parameters section:

Key

Type

Value

proxy

Protected

[insert the URL of the proxy server]

Note: This key should only be entered if you use a proxy server. If you are an Archer SaaS customer, this key is required, and you must contact your Professional Services representative to configure this parameter

verifyCerts

N/A

[true] or [false]

By default, this value is set to true. If you have configured Archer to use HTTPS, and the SSL certificate is self-signed or is another form of non-perfected SSL certificate from a top tier Certificate Authority, you must set this value to false.

  1. Click Save.

Schedule data feeds

Important: A data feed must be active and valid to successfully run.

As you schedule your data feed, the Data Feed Manager validates the information. If any information is invalid, an error message displays. You can save the data feed and correct the errors later; but the data feed does not process until you make corrections.

  1. Go to the Schedule tab of the data feed that you want to modify.

    1. From the menu bar, click Admin menu.

    2. Under Integration, click Data Feeds.

    3. Select the data feed.

    4. Click the Schedule tab.

  2. Go to the Recurrences section and complete frequency, start and stop times, and time zone. The following table describes the fields in the Recurrences section.

Field

Description

Frequency

Specifies the interval in which the data feed runs, for example, Minutely, Hourly, Daily, Weekly, Monthly, or Reference.

  • Minutely. Runs the data feed by the interval set.

For example, if you specify 45 in the Every list, the data feed executes every 45 minutes.

  • Hourly. Runs the data feed by the interval set, for example, every hour (1), every other hour (2) and so forth.

  • Daily. Runs the data feed by the interval set, for example, every day (1), every other day (2) and, so forth.

  • Weekly. Runs the data feed based on a specified day of the week, for example, every Monday of the first week (1), every other Monday (2), and so forth.

  • Monthly. Runs the data feed based on a specified week of the month, for example, 1st, 2nd, 3rd, 4th, or Last.

  • Recurrence. Runs a specified data feed as runs before the current one. This option indicates to the Data Feed Service that this data feed starts as soon as the referenced data feed completes successfully. For example, you can select to have a Threats data feed run immediately after your Assets data feed finishes. From the Reference Feed list, select after which existing data feed the current data feed starts.

A reference data feed will not run when immediately running a data feed. The Run Data Feed Now option only runs the current data feed

Every

Specifies the interval of the frequency in which the data feed runs.

Start Time

Specifies the time the data feed starts running.

Start Date

Specifies the date on which the data feed schedule begins.

Time Zone

Specifies the time zone in of the server that runs the data feed.

  1. (Optional) To override the data feed schedule and immediately run your data feed, in the Run Data Feed Now section, click Start.

  2. Click Save.

Using RiskRecon Own Enterprise Monitoring Free Limited Integration

You can use the Own Enterprise Monitoring use case to track the risk ratings for your Company.

Review risk ratings

You can review an up-to-date security risk overview of your company’s cybersecurity posture. Ratings are based on a scale from 0-10, with 0 being the worst and 10 being the best. RiskRecon runs updated scans approximately every 2-4 weeks for each company.

  1. Go to the Company page.

    1. From the menu bar, click the IT Security Risk Management workspace.

    2. Click Business Asset Catalog.

    3. Click Company.

  2. Select the company record that you want to review.

  3. Go to the Security Risk Monitoring Details section.

  4. In the Security Risk Monitoring tab, review the following third party details:

    • Company Description

    • Industry

    • Industry Average

    • Percentile Rank

    • Overall Security Risk Monitoring Rating

    • Overall Grade

    • Rating Date

Certification environment

Date tested: September 2022

Product Name

Version Information

Operating System

Archer

6.12

Virtual Appliance

RiskRecon

NA

SaaS