RSA, The Security Division of EMC, Unveils Major New Capabilities in Data Loss Prevention
Acquisition Will Strengthen and Expand EMC’s Global IT Consulting Services
- RSA Data Loss Prevention Suite Designed to Enable Customers to Discover, Monitor, and Protect Sensitive Data Throughout the Enterprise
- Suite Provides Unified, Seamless Data Policy Orchestration Engineered To Centrally Manage All DLP Components
BEDFORD, MA - April 2, 2008
RSA, The Security Division of EMC (NYSE: EMC), today announced the advancement of the RSA™ Data Loss Prevention (DLP) Suite through new capabilities that are designed to allow customers to secure the sensitive information that is most critical to their businesses.
The RSA DLP Suite is engineered to provide unified, seamless data policy orchestration across the enterprise, allowing customers to discover and monitor sensitive data and apply the appropriate enforcement mechanisms to secure sensitive data across the IT stack.
“Securing data is an information management process. To be successful, data must first be identified and classified; different controls need to be applied to prevent the data’s loss, and the enterprise-wide management of those controls needs to be as efficient as possible,” said Dennis Hoffman, Vice President and General Manager, Data Security Group, and Chief Strategy Officer at RSA, The Security Division of EMC. “This release of the DLP suite is a major advancement in addressing this overall process in a holistic manner. The RSA DLP Suite is engineered both to provide the ability to orchestrate policies that secure sensitive data in the datacenter, network, and at the endpoints, and to provide one of the industry’s most robust data discovery and detection capabilities, which are key to an organization’s ability to identify risk and protect against sensitive data loss no matter where the data resides. ”
“DLP technology is one of the least understood tools on the security market, and there is a lack of consensus on what a DLP solution is actually comprised of. We define it as products and solutions that, based on central policies, identify, monitor and protect data at rest, in motion and in use, through deep content analysis,” noted Rich Mogull, Founder, Securosis.com on Securosis.com. “A true DLP solution is one that will protect data over the course of its lifecycle and one that maps to business processes.”
New Features Provide Accuracy and Scalability
The RSA DLP Suite is one of the industry’s most comprehensive data loss prevention solutions, and is designed to provide customers with the most robust database of policies to secure data for both regulatory (PCI, privacy laws) and non-regulatory (intellectual property, business strategy/operations data) security drivers. This design simplifies the integration of DLP technology into existing IT infrastructures. These capabilities along with the RSA DLP Suite’s distributed grid architecture provide market leading accuracy and scalability. The DLP Suite includes RSA DLP Endpoint, RSA DLP Network, and RSA DLP Datacenter, with overall management of the Suite provided by the RSA DLP Enterprise Manager.
- RSA DLP Enterprise Manager – this new centralized DLP management console is engineered to provide centralized policy orchestration, unifying policy with workflow, reporting and administration. Policies for the appropriate handling of sensitive data are defined by DLP Enterprise Manager and then are pushed out to the endpoints, network or datacenter. The centralized incident workflow and extensive reporting capabilities is designed to simplify integration with existing IT practices, lowering total cost of ownership.
- RSA DLP Endpoint is built to provide advanced protection from sensitive information leaving off endpoints. DLP Endpoint - Discover is engineerd to locate sensitive data on desktops and laptops, while the new DLP Endpoint - Enforce prevents sensitive data from being copied, printed, saved to CD/DVD or USB ports. It provides content-aware enforcement using context to analyze data. This feature is built to minimize the disruption to end users who have a legitimate business requirement to copy data from their laptop while insuring that sensitive data is not leaked off endpoints in accordance with security policy.
- RSA DLP Network is designed to locate sensitive data traveling over the network such as email, IM, or webmail traffic, and then applies the appropriate action such as block, quarantine, or encrypt.
- RSA DLP Datacenter is engineered to discover sensitive, unprotected data in the data center and provides a range of remediation options and can work in conjunction with other products in the RSA Data Security System, such as the RSA™ File Security Manager, which is designed to provide the ability to audit user access to sensitive files or folders, and then enable role based access controls using encryption.
The RSA DLP Suite also is engineered to provide broad, international DLP support. For international organizations and multinational companies, the DLP Suite is designed to provide comprehensive, pre-packaged policies for international markets that map to important international data regulations and non regulatory security drivers. Out of the box, it comes with a database of more than 100 different policy templates for a range of security drivers.
Getting Started With Data Loss Prevention Technology
For organizations who are seeking guidance with their data security strategy, understand potential risks associated with the loss of sensitive data, or feel that the task of securing all sensitive information is too costly, RSA is introducing the RSASM DLP RiskAdvisor Service. With RSA DLP RiskAdvisor, organizations can quickly gain visibility into where sensitive data is unprotected and be given concrete remediation recommendations to reduce the risk of sensitive data loss. The high impact service helps customers prioritize their needs based on business risk and delivers measurable results in preventing data loss.
Meridian Health is a family of not-for-profit health care organizations that include home care agencies, long-term and assisted living communities, ambulatory care, ambulance services, and occupational health located throughout Monmouth and Ocean counties in New Jersey. Meridian Health is the regional provider of trauma services and cardiac surgery, and recently deployed RSA DLP Network and RSA DLP Endpoint to protect sensitive data.
“At Meridian, we are entrusted with the private information of patients, employees and vendors, as well as the protection of proprietary business information. Our goal with DLP technology was to find a solution that would detect and prevent the unauthorized transmission of data, as well as identify and remedy potential areas of risk or non-compliance prior to an incident,” said Catherine Gorman-Klug, corporate director, privacy and data security for Meridian Health. “Deploying RSA DLP Network and RSA DLP Endpoint was instrumental in helping us assess where personally identifiable information resided across our network, and heightened awareness across Meridian Health of the need to protect data. The solution also helps us in ongoing regulatory compliance. It’s currently monitoring close to 4,000 email users as well as close to 11,000 team members and physicians.”
Powering RSA’s Data Security System
The RSA DLP Suite also provides the strategic hub for the RSA™ Data Security System, a set of products and services that implement a holistic approach for securing data. The Data Security System is designed to enable customers to discover and monitor sensitive information; enforce controls, such as encryption and data loss prevention, and report and audit to prove that sensitive data is secure. The RSA DLP Suite is engineered to provide policy orchestration for the RSA Data Security System, enabling other data control and audit mechanisms from RSA, EMC and 3rd parties, to be leveraged as part of a holistic process. The DLP Suite enables organizations to define policies centered around the data itself, and leverage control mechanisms throughout the infrastructure to remediate risk and enforce policy.
The RSA DLP Suite will be available in May 2008. Customers with current support agreements will be able to upgrade to the RSA DLP Enterprise Manager as well as to upgrade for currently licensed components; other components of the RSA DLP Suite not currently licensed will be available for additional fees.
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle - no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, data loss prevention & encryption, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.