Press Release

EMC Announces New Information-Centric Security Consulting Services To Help Enterprises Mitigate Risk And Accelerate Business Objectives

Expanded information-centric security services enable customers to review security policy, assess risk, discover and classify sensitive information, develop security programs and assess storage security.

HOPKINTON, Mass, April 8, 2008 - 

EMC (NYSE: EMC) today announced five new information-centric security consulting services leveraging solutions from RSA, The Security Division of EMC. These new consulting services are designed to provide customers with the business perspective, security expertise, and measurable results needed to accelerate the adoption of sound information risk management strategies. These new consulting services are also complemented by a wide range of design and implementation services for RSA technology.

Information-centric security consulting services are delivered by a growing security practice within EMC Consulting and leverage RSA's deep security expertise and strong technology solutions. They help organizations align information risk management goals to business objectives, protect information assets, and ease the burden of regulatory compliance. The result is a highly effective information-centric security infrastructure that responds quickly to business changes with optimized policies, procedures, metrics, and controls.

"Aberdeen's research has shown that companies with top performance are about twice more likely than their counterparts to have invested in identification and classification of information assets, as the groundwork for establishing sound and consistent policies for protecting critical data," notes Derek E. Brink, Vice President and Research Director for IT Security, Aberdeen Group. "They are also about twice as likely to have a clear association between their security controls and the complex collection of regulations, standards, and best practices to which they relate. Most companies, however, struggle to carry out these activities solely with internal resources, which are almost fully allocated to routine operations."

By utilizing a proven framework that leverages best practices, methodologies, and industry standards, EMC information security consulting services help customers identify, remediate, and manage information security risks while increasing the efficiency and effectiveness of their overall security program. As a result, customers can launch new business initiatives that accelerate revenue and profit while minimizing risk.

"Security consulting services from EMC have provided significant value in meeting our compliance objectives as well as helping our security program respond to the needs of our business. We have been very pleased with the EMC team, the process, and the results," said Daniel Barfield, Senior Director of Information Systems and Technology at Actel Corporation.

Significantly Expanded Security Consulting Services Portfolio

EMC's new consulting services are designed to address a broad range of its customers' information security challenges including alignment of security to the business risk profile, and reduction of cost and complexity in establishing a complete information security program.

  • Information Risk Assessment provides a systematic overview of enterprise security capabilities and a roadmap for remediation by assessing governance, policy, data protection, authentication, access, and other security controls.
  • Information Security Policy Development helps ensure compliance with internal and external mandates by defining and mapping policies to best practices, business requirements, and appropriate regulations.
  • Information Security Program Development aligns an enterprise security posture with business objectives and helps meet requirements for regulatory compliance by providing guidance to improve the maturity of security capabilities, policies, organization, and controls.
  • Data Loss Prevention RiskAdvisor provides automated discovery of unprotected sensitive information along with remediation processes and policy recommendations.
  • Assessment Service for Storage Security improves protection of business-critical information by assessing security and prioritizing remedial actions for enterprise storage infrastructures including storage systems, storage switches, and management consoles.
  • Classification for Information Security is an existing service that provides the basis for the implementation of appropriate security controls by cataloging and identifying the value, sensitivity, and protection requirements of critical business information.

The information-centric security consulting services are complemented by design and implementation services for RSA's identity assurance & access control, data loss prevention & encryption, compliance & security information management, and fraud protection solutions.

"EDS clients understand the next generation of security capabilities are grounded in the principle of enabling business performance," said Bryan Palma, EDS Vice President Global Information Security. "EMC's expanded services nicely complement EDS' integrated security solutions, allowing our clients to take risks, not just minimize them. The strategic alliance between EMC and EDS continues to strengthen, and EMC's services coupled with RSA technology solutions play an integral role in the growth of our global security practice."

"Our customers are looking for holistic security solutions that give them command and control of their information. Based on a proven information risk management strategy - EMC's information-centric strategy and security consulting services help customers use risk to evaluate business initiatives, determine where security investment is necessary and measure security contribution to business objectives," said Kim MacPherson, Vice President of Information Security Consulting at EMC. "Armed with effective information security programs, customers can move aggressively to address business challenges and take the greatest amount of risk they are willing to assume in order to accelerate their business."

More information on RSA's announcements and related initiatives may be found online at In addition, RSA's information risk management solutions, services and partners will be featured in Booths #1717 and 1817 at RSA Conference 2008, April 7-11, 2008, at the Moscone Center in San Francisco.

About EMC

EMC Corporation (NYSE: EMC) is the world’s leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Information about EMC’s products and services can be found at

Press Contacts

David Seuss

EMC is a registered trademark of EMC Corporation. RSA is a trademark of RSA Security Inc. in the United States and/or other countries. All other marks are trademarks of their respective companies.

This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) risks associated with acquisitions and investments, including the challenges and costs of integration, restructuring and achieving anticipated synergies; (iv) competitive factors, including but not limited to pricing pressures and new product introductions; (v) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (vi) component and product quality and availability; (vii) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (viii) insufficient, excess or obsolete inventory; (ix) war or acts of terrorism; (x) the ability to attract and retain highly qualified employees; (xi) fluctuating currency exchange rates; and (xii) other one-time events and other important factors disclosed previously and from time to time in EMC's filings with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.