RSA President Urges ‘Inventive Collaboration’ to Combat Cyber-Threat and Reap Rewards of New Technologies
EMC’s Security Division Makes Several Announcements That Demonstrate Progress through Inventive Collaboration
“To combat the cybercriminals requires far more purposeful collaboration on the part of the industry and a strong security ecosystem built around a common development process focused on risk,” said Coviello. “Today’s security technologies are applied as independent applications cluttering the information landscape and leaving perilous gaps of risk.”
Coviello cited three major forces driving the information security industry to evolve and adapt, including: the challenge posed by the criminal threat; the demand upon enterprises and governments to achieve unprecedented levels of productivity to restore value to the faltering economy; and the opportunity to rethink the approach to security based upon emerging technologies and trends such as virtualization, cloud computing and social networking. He argued that these three forces have placed the industry at a critical inflection point by providing the opportunity to restructure the information infrastructure almost from the ground up — and warned that the industry must avoid repeating past mistakes.
According to Coviello, “We must embrace a common development process that allows us to create a more secure infrastructure today. Then with an eye on the future we can ensure that the new technical infrastructure is designed around that process, rather than forcing a process around a collection of technologies.”
Coviello urged the industry to foster inventive collaboration around three key practices and provided examples of how RSA is pursuing them:
- Collaborate on standards such as the Key Management Infrastructure (KMI) standard led by RSA, HP and IBM
- Practice technology sharing. The RSA(TM) Share Project, which provides the leading RSA BSAFE(R) encryption software developer toolkits at no cost, is a good example of this practice
- Integrate technologies and embed controls directly into the infrastructure itself. Examples of these integration points were discussed onstage between Coviello,
Brett Galloway, Senior Vice President, Wireless and Security Technology at Cisco and Scott Charney, Corporate Vice President of Trustworthy Computing at Microsoft
“We must develop a stronger and healthier ecosystem than the fraudsters and ensure the fluid and frictionless exchange of information on which our global economy depends. It’s not about changing the game; it’s about winning the game,” said Coviello.
- The RSA Share Project, a new initiative designed to bring world-class security tools within reach of corporate and independent software developers and project leaders. The Share Project features the launch of a new online community designed to provide support, answers and strategies from security experts as well as no-cost access to technology from RSA. RSA’s first Share Project offering to application developers is a no-cost download of the RSA BSAFE Share encryption toolkit, encouraging built-in versus bolted-on security, using tools based on RSA BSAFE products, the world’s most trusted and widely-deployed encryption software. The goal of the RSA Share Project is not merely for the distribution of free technologies, but to promote and build a vibrant community of security-focused engineers, developers and users committed to software security assurance.
- Three new solutions for Microsoft SharePoint(R) from EMC and RSA provide organizations the ability to better secure critical information, identities and infrastructure while achieving enhanced security and availability of their SharePoint environment. These solutions provide validated architectures and best practices to accelerate time to deployment, deliver predictable results and achieve improved performance. For organizations to successfully leverage SharePoint it requires the ability to understand risk and how to best remediate it. The RSA Solution for Microsoft SharePoint — including the new RSA(R) Secure View for Microsoft SharePoint tool, RSA(R) DLP RiskAdvisor for Microsoft SharePoint service, and solution architectures and documentation — provide organizations with a view of their SharePoint hierarchy, the location of sensitive data across the SharePoint environment, and users with access to these data. In addition, the solution provides comprehensive support for enacting controls to better secure data within the SharePoint environment. Also, in order to understand potential risk, organizations must know where sensitive data reside across the SharePoint environment. To support this, a new EMC Proven(TM) solution — EMC Security and Compliance for Microsoft Office SharePoint Server 2007 — validates the ability of RSA DLP Datacenter to deliver these benefits at enterprise-scale. Customers leveraging SharePoint expect high availability. EMC Business Continuity for Microsoft Office SharePoint Server 2007 is an EMC Proven(TM) solution, which provides technical validation for SharePoint customers to implement high availability by achieving fast recovery from unplanned server failures, simplified restart from server failures, consistent failover and centralized management.
- Enhancements to the RSA Data Loss Prevention (DLP) Suite, an integrated, market-leading suite of data security products that are engineered to discover, monitor and protect sensitive data from loss, leakage or misuse whether in a datacenter, on the network, or out at the endpoints. With 68 new features and enhancements in the areas of policy management and classification, remediation, database scanning, reporting, administration and integration with the RSA enVision(R) Platform to streamline the process of understanding security risk, the RSA DLP 7.0 Suite is designed to reduce the total cost of ownership of DLP by automating the protection of sensitive data and reporting, lower risk by protecting more sensitive data in more places, and simplify security operations.
- A new release of the RSA Adaptive Authentication Platform is now available for risk-based, transparent authentication to corporate resources such as e-mail, intranets and extranets across a broad range of enterprises. Providing enterprises with more choice in authentication based on risk, cost and user convenience, RSA Adaptive Authentication is delivered through on-premise software or via software-as-a-service with a low cost of ownership and increased end user convenience through the use of a self-learning risk analysis and assessment engine using indicators such as device identification, user behavior profiling and the RSA eFraudNetwork(SM) community. The new release is designed for large, distributed enterprise environments, including RSA customers AMD, Geisinger Health System and Rapattoni Corporation, to help to positively identify users using self-learning risk indicators before accessing corporate resources. The new release of RSA Adaptive Authentication platform is integrated with leading SSL VPN solutions, RSA Access Manager and RSA Identity Verification. The RSA Adaptive Authentication platform is a proven solution with more than 8,000 customers, currently protecting over 225 million online identities.
Full press releases and resources based on RSA’s announcements and related initiatives at RSA Conference 2009 can be found online at www.rsa.com\rsaconference2009.
RSA’s information-centric security solutions and services will be featured in booth 1725 at RSA Conference 2009,
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world’s leading organizations succeed by solving their most complex and sensitive security challenges. RSA’s information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle — no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
EMC Corporation (NYSE: EMC) is the world’s leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Information about EMC’s products and services can be found at www.EMC.com.
RSA, BSAFE, eFraudNetwork and enVision are either registered trademarks or trademarks of RSA Security Inc. in
This release contains “forward-looking statements” as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) our ability to protect our proprietary technology; (iv) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (v) fluctuations in VMware, Inc.’s operating results and risks associated with trading of VMware stock; (vi) competitive factors, including but not limited to pricing pressures and new product introductions; (vii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (viii) component and product quality and availability; (ix) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (x) insufficient, excess or obsolete inventory; (xi) war or acts of terrorism; (xii) the ability to attract and retain highly qualified employees; (xiii) fluctuating currency exchange rates; (xiv) litigation that we may be involved in; and (xv) other one-time events and other important factors disclosed previously and from time to time in the filings of EMC Corporation, the parent company of RSA, with the U.S. Securities and Exchange Commission. EMC and RSA disclaim any obligation to update any such forward-looking statements after the date of this release.
SOURCE EMC Corporation