Press Release

New RSA Offering Centralizes and Streamlines Encryption Key Management Throughout the Enterprise

RSA® Key Manager(RKM) for the Datacenter Simplifies Encryption Across Multiple Layers of the IT Stack - RKM part of the RSA® Data Security System, a Set of integrated Products and Services Designed Around a Holistic Approach for Securing Data

BEDFORD, MA, April 8, 2008 - 
  • RSA® Key Manager(RKM) for the Datacenter Simplifies Encryption Across Multiple Layers of the IT Stack
  • RKM part of the RSA® Data Security System, a Set of integrated Products and Services Designed Around a Holistic Approach for Securing Data

BEDFORD, MA - April 8, 2008

RSA, The Security Division of EMC (NYSE: EMC), today introduced a new offering, RSA® Key Manager (RKM) for the Datacenter, designed to centralize and streamline encryption key lifecycle management throughout the enterprise.

A fundamental element of the RSA® Data Security System, RKM for the Datacenter is an easy-to-use, centrally administered encryption key management system that can manage encryption keys at the database, file server, and storage layer. It is designed to simplify the deployment and ongoing use of encryption throughout the enterprise and helps ensure that information is properly secured and fully accessible when needed at any point in its information lifecycle.

“Encryption is a powerful control because it stays with data throughout its lifecycle. Many customers have had to deploy multiple types of encryption to address different data security risks across the IT stack.  Unfortunately, multiple point encryption solutions, each with their own approach to encryption key management, increases management complexity and the risk of lost or stolen keys,” said Dennis Hoffman, Vice President and General Manager, Data Security Group and Chief Strategy Officer, RSA, The Security Division of EMC. “Enterprise key management addresses these issues by providing a central management system that helps reduce the cost and complexity associated with point solutions. With the ability to manage and protect encryption keys across multiple encryption solutions across the IT stack, enterprise key management provides security over the long term, essentially opening up the use of encryption, and making it effective for customers now.”

Why Enterprise Key Management

Adopting an enterprise key management system enables customers to adopt an encryption solution that works for them today and expand to other encryption solutions in the future, without having to change their approach to key management. This addresses several customer needs including:

  • Vaulting –Store and secure encryption keys and meta data about the encrypted media, to ensure that keys are not compromised and the enterprise will be able to decrypt the data in the future.
  • Encryption Key Policy Management- Reduce the complexity of managing encryption by enabling a centralized policy based approach to key management, governing access to keys, sharing of keys, expiration of keys, shredding of keys, and all other aspects of key life cycle management.
  • Separation of Duties – Reduce security risks by insuring that the management of encrypted data and the management of encryption keys are maintained as two separate functions within the IT organization.

"The barrage of data-loss incidents going public now is forcing many organizations to rush into encryption technology -- from endpoints, all the way up to the data center," says Phil Hochmuth, an analyst with the Yankee Group. "However, barging ahead with encryption, without a long-term strategy or the tools for proper key deployment and management, invites potential problems such as data inaccessibility or even loss -- which voids the effort of encrypting in the first place."

About RKM for the Datacenter

RSA Key Manager for the Datacenter is designed to provide centralized key management across multiple encryption points in the enterprise including tape/virtual tape, disk, databases, and file systems. The offering is engineered to include:

  • RSA Key Manager Server Appliance — a hardware form-factor, pre-configured for central management of encryption keys throughout the enterprise.
  • EMC PowerPath® Encryption with RSA — protects information at rest from unauthorized access or the unauthorized removal of a disk drive or array from a secured environment.
  • Connectrix® MDS Storage Media Encryption (SME) with RSA — a SAN-based solution for encryption to tape or virtual tape. This solution offers interoperability with Cisco technology in the SAN switch and with RKM through common APIs.
  • Native Tape Encryption — a tape based solution that encrypts data natively on the tape drives themselves.
  • Oracle® Database 11g Advanced Security Transparent Data Encryption (TDE) with RSA — native Oracle Database encryption solution requiring no application level changes.
  • RSA® File Security Manager — File Security Manager is a software-based security solution that is designed to provide transparent encryption of files and folders in conjunction with role-based access control on heterogeneous platforms.

RSA Data Security System

RKM for the Datacenter is one of the only encryption key management solutions on the market that truly scales across the entire enterprise, leveraging RSA, EMC, and a rich partner ecosystem for fully-integrated solutions. It also is an integral part of the RSA Data Security System, which provides a policy based approach to securing data: helping to enable customers to classify their sensitive data, discover that data across the enterprise; enforce controls; and report and audit to help ensure compliance with policy.

“The RSA Data Security System helps organizations secure sensitive information by providing centralized policy management that is business risk driven,” said Hoffman. “The RSA® Data Loss Prevention Suite, announced last week, is engineered to allow organizations to classify, discover and monitor sensitive data, while our encryption and key management suite is designed to allow organizations to apply the appropriate enforcement mechanisms to secure that data. As built, the Data Security System has reporting and audit capabilities that allow organizations to prove that the sensitive data was secured, with future versions conducting the audit and reporting within individual products, and through RSA enVision® technology. As a result, we’re able to offer customers a wide set of products and services designed around a holistic process for securing the data that is most important to them.”

Availability

RSA Key Manager for the Datacenter will be available beginning in Q2 2008. RSA Key Manager for the Datacenter is also integrated with RSA Key Manager with Application Encryption, which provides encryption and key management to secure sensitive data at the application layer.

More information on RSA’s announcements and related initiatives may be found online at www.rsa.com/rsaconference2008/. In addition, RSA’s information risk management solutions, services and partners will be featured in Booths #1717 and 1817 at RSA Conference 2008, April 7-11, 2008, at the Moscone Center in San Francisco.

About EMC

RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle - no matter where it moves, who accesses it or how it is used.

RSA offers industry-leading solutions in identity assurance & access control, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

Press Contacts

Jenn McManus
781-515- 6313
jmcmanus@rsa.com



RSA, PowerPath, Connectix and enVision are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. EMC is a registered trademark of EMC Corporation. All other products and/or services mentioned are trademarks of their respective companies.

This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) risks associated with acquisitions and investments, including the challenges and costs of integration, restructuring and achieving anticipated synergies; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (vi) component and product quality and availability; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) insufficient, excess or obsolete inventory; (ix) war or acts of terrorism; (x) the ability to attract and retain highly qualified employees; (xi) fluctuating currency exchange rates; and (xii) other one-time events and other important factors disclosed previously and from time to time in EMC's filings with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.

Notes: