delivering information-centric security carol clark senior manager, emea market development
Post on 19-Dec-2015
220 views
TRANSCRIPT
Delivering Information-centric Security
Carol ClarkSenior Manager, EMEA Market Development
EMC: Information Infrastructure
Forward thinking IT organizations are transforming their infrastructures to maximize the value of information
Information Infrastructures help organizations store information efficiently, protect it from loss or misuse, optimize IT operations and leverage information for new business value
RSA, The Security Division of EMC was launched in Q4 ’06 to help customers accelerate their business with confidence
SystemsSystems DataDataPeoplePeople
Transactions
Information Infrastructurestore | protect | optimize | leverage
A Crisis of Confidence: Is Data Safe?
Source: Enterprise Strategy Group March 2006
18%
82%
Data confidentiality and integrity are the top-of-mind concerns
Fear of data loss/privacy breach– Protecting sensitive data from
unauthorized access and use
Significant financial implications
Fear of audit and non-compliance– Compliance with internal and external
mandates on data protection
Significant legal implications
… fewer than one in five organizations feel all their data is adequately protected
Despite massive investment in security products and services…
Loss of customer confidence and reputation damage
Increasing Enterprise Focus on Data Security
IncreasedMonetary
Impact
GreaterRegulatory
Scrutiny
Rise in Disclosures
Increasedfocus on
Data Security
Increasedfocus on
Data Security
From the Storage of Data to the Management of…
Information
Customers Partners EmployeesApplications
Infrastructure
InformationPOS
photos
directories
VoIP
reportswhitepapers
models
images
designs
XML
presentations
analysis
research
manuals
images
models
quotes
resumesSOW
inventory
video
orders
Web
brochures
payroll
balancesquotes
forecastsnotes
memos
proposalsillustrations
reports
SOPs
warranties
articles
manuals
plans
models
tests
reports
RFID
whitepapers
specs
images
billing
contracts
The Information Trap
Volume of Data75% Annual Increase
From Gigabytes to Petabytes in just ten years
Complexity of OperationsHundreds of applications and formats
Intricate servers and storage networks New rules, regulations and risks
Customers Partners EmployeesApplications
Infrastructure
InformationPOS
photos
directories
VoIP
reportswhitepapers
models
images
designs
XML
presentations
analysis
research
manuals
images
models
quotes
resumesSOW
inventory
video
orders
Web
brochures
payroll
balancesquotes
forecastsnotes
memos
proposalsillustrations
reports
SOPs
warranties
articles
manuals
plans
models
tests
reports
RFID
whitepapers
specs
images
billing
contractsYour NextOpportunity
presentations
proposals
orders
research
specs
models
Your NextInnovation
The Greatest Asset… can be a Significant Liability
imagesYour Next
Breach
emailmemos
contracts
The Greatest Asset…
InformationPOS
photos
directories
reports
images
XML
images
resumes
inventory
proposals
Users save everything - manage nothing– 90% of unstructured information is unmanaged– Low value information clogs the infrastructure
Information is under constant attack– Unauthorized Access to Information and Intellectual Property Theft
are the only growing categories and now 50% larger than Virus
High value information is underutilized and unprotected– 70% of existing unstructured info is re-created from scratch– $1.6 million per discovery
IT struggles to align with the business– 80% of IT budget consumed by operations and maintenance
Information Challenges
Our Inability to Manage Information is the Vulnerability
The Hard Reality:Organizations cannot secure what they do not manage
Create
Classify
Collaborate
Transform
Version
Publish
Archive Retire
Re-archive
Query
The Lifecycle of Enterprise Information
Services and PartnersServices and Partners
Information Lifecycle ManagementInformation Lifecycle Management
Virtu
alization
Virtu
alizationR
eso
urc
eM
gm
tR
eso
urc
eM
gm
t
Intelligent Information Mgmt Software
Archiving Software
Data Mobility Software
Protection Software
Content Management Software
Tiered Storage
EMC’s Information Infrastructure Platform
Services and PartnersServices and Partners
Information Lifecycle ManagementInformation Lifecycle Management
Virtu
alization
Virtu
alizationR
eso
urc
eM
gm
tR
eso
urc
eM
gm
t
Intelligent Information Mgmt Software
Archiving Software
Data Mobility Software
Protection Software
Content Management Software
Tiered Storage
EMC’s Information Infrastructure Platform
Where’s Security?
secure datasecure access
Introducing Information-centric Security
customers
partners
employees
security information managementsecurity information management
secure enterprise dataPreserve the confidentiality and integrity of critical data wherever it resides
secure customer accessOffer self-service channels, prevent fraud, and enhance consumer confidence
secure partner accessOpen internal systems to trusted partners
secure employee accessEnable secure, anytime, anywhere access to corporate resources
manage security informationComply with security policy and regulations
Secure DataSecure Data
Halifax Bank of Scotland reported an 80% reduction in
fraud after deploying RSA technology.
Secure Customer Access
Secure customer self-service channels
Provide risk-appropriate authentication options for customers on web or phone
Provide secure access to web portals and applications through role-based authorization
Monitor online transactions, detect and flag high-risk activities and investigate to reduce fraud
Detect and shutdown Phishingand Pharming attacks
Secure AccessSecure Access
customers
RSA Capabilities: Adaptive Authentication | Fraud Protection | Transaction Monitoring | Web Access Management
Security Information ManagementSecurity Information Management
Secure DataSecure Data
Secure Employee and Partner Access
Securely work with corporate resources anywhere, anytime; and simplify access to internal network resources
Authenticate authorized remote users to corporate resources by securely extending the reach of Web-based systems
Securely leverage the value of Web-based systems for partner ecosystems
Authenticate authorized partners to corporate resources and leverage trusted identities across multiple corporate domains
Provide secure access to web portals and applications through role-based authorization and share trusted identities across partner domains
Secure AccessSecure Access
employees
Over 20,000 organizations worldwide use RSA SecurID®
authentication to protect corporate data and resources
RSA Capabilities : Strong Authentication | Enterprise SSO | Web Access Mgmt. | Card Mgmt. | Digital Certs.
Security Information ManagementSecurity Information Management
More than 1,000 companies worldwide embed RSA
BSAFE encryption software in their applications.
Secure DataSecure DataSecure AccessSecure Access
Security Information ManagementSecurity Information Management
RSA Capabilities: Classification | Encryption | Key Mgmt. | Rights Mgmt. | Advisory & Implementation Services
Secure Data
Protect critical structured and unstructured data wherever it resides.
Classify sensitive information and develop appropriate protection policies and enforcement strategies
Encrypt sensitive data at the application level, in databases, on backup tapes and storage systems
Manage the lifecycle of encryption keys across the enterprise
Secure AccessSecure Access Secure DataSecure Data
Manage Security Information
Validate compliance with security policy and regulations
Efficiently collect and store audit logs
from any IP device
Analyze and manage security events, perform real-time alerting and detailed forensic analysis
Analyze data and produce targeted compliance reports for regulations and internal policy
Integrate solution with Enterprise Storage for effective lifecycle management of log data
Security Information ManagementSecurity Information Management
“RSA enVision® allows us to do things we simply couldn’t
do before ... the ROI has been huge.”
Source: Cole Taylor Bank
RSA Capabilities: Security Information and Event Mgmt. (SIEM) | Enterprise Storage | Implementation Services
Flexible Solutions for a Variety of Needs
secure customer, partner and employee access
Technology Solutions:Secure Consumer Identities and Access
Secure Enterprise AccessSecure Remote Access
Web Access Management
manage security information
Technology Solutions:Compliance & Security
Information Management
assessment, planning and implementation services
Offerings include:Classification for Information Security
Design and Implementation for Security Information Mgmt.Design and Implementation for Storage Encryption
secure data
Technology Solutions:Secure Enterprise Data
AvailabilityAvailability
StorageStorage
SecuritySecurityVirtualizationVirtualization
IntelligentInformation
Mgmt
IntelligentInformation
Mgmt
EnterpriseContentMgmt
EnterpriseContentMgmt
Archive
InformationInfrastructureInformation
Infrastructure
Store
ProtectOptimize
Leverage
ResourceMgmt
ResourceMgmt
Your Information Infrastructure
Information-centric Security
May 2007