Transcript Presentation Title: 32 pt Arial Normal

Delivering Information-centric Security
Carol Clark
Senior Manager, EMEA Market Development
EMC: Information Infrastructure
Forward thinking IT organizations
are transforming their
infrastructures to maximize the
value of information
People
Systems
Data
Transactions
Information Infrastructure
store | protect | optimize | leverage
Information Infrastructures help
organizations store information
efficiently, protect it from loss or
misuse, optimize IT operations and
leverage information for new
business value
RSA, The Security Division of EMC
was launched in Q4 ’06 to help
customers accelerate their
business with confidence
A Crisis of Confidence: Is Data Safe?
18%
Despite massive
investment in security
products and services…
82%
… fewer than one in five
organizations feel all
their data is adequately
protected
Source: Enterprise Strategy Group
March 2006
Data confidentiality and integrity are the top-of-mind concerns
 Fear of data loss/privacy breach
– Protecting sensitive data from
unauthorized access and use
Significant financial implications
 Fear of audit and non-compliance
– Compliance with internal and external
mandates on data protection
Significant legal implications
Loss of customer confidence and reputation damage
Increasing Enterprise Focus on Data Security
Rise in
Disclosures
Increased
focus on
Data Security
Greater
Regulatory
Scrutiny
Increased
Monetary
Impact
From the Storage of Data to the
Management of…
Information
The Information Trap
Applications
Customers
Partners
contracts
SOPs
presentations
video
quotes
images
manuals
manuals
specs
RFID
reports
whitepapers
images
Volume of Data
forecasts
SOW
75%
Annual
Increase
analysis
memos
Employees
directories email
orders
Information
From Gigabytes
to
Petabytes
XML
tests
proposalsmodels POS
in
just
ten
years
quotes
VoIP
research
illustrations
Web
reports
images
payroll
brochures
photosbalances
reports
email
Complexity
ofmodels
Operations
articles
designs
Hundreds of applications and formats
Intricate servers and storage networks
models
New rules, regulations and risks
warranties
Infrastructureplans
whitepapers
resumes
inventory
billing notes
The Greatest Asset… can be a Significant
Liability
The Greatest Asset…
Customers
Applications
Partners
Your Next
images
Breach
contracts
videoYour Next
quotes
SOPs
presentations
Opportunity
manuals
manuals
specs
RFID
reports
whitepapers
images Your
memos
Next
Innovation
forecasts
directories
SOW
analysis
presentations
VoIP
email
proposalsmodels
tests
illustrations
email
reports
warranties
proposals
resumes
research
POS
research
Web
Infrastructureplans
whitepapers
orders
Information
models
XML
quotes
Employees
reports
email
articles
images
models
inventory
billing notes
payroll
contracts
brochures
photosbalances
memos orders
models
specs
designs
Information Challenges
 Users save everything - manage nothing
– 90% of unstructured information is unmanaged
– Low value information clogs the infrastructure
 Information is under constant attack
images
reports
images to Information and Intellectual Property Theft
– Unauthorized Access
inventory
directories
are the only growing categories
and now 50% larger than
Virus
resumes
Information
 High valueXMLinformation
is underutilized
and unprotected
POS
proposals
– 70% of existing unstructured info is re-created from scratch
– $1.6 million per discovery
 IT struggles to align with the business
photos
email
– 80% of IT budget consumed by operations and maintenance
Our Inability to Manage Information is the
Vulnerability
Transform
Collaborate
Classify
Create
Query
Version
Publish
Re-archive
Archive
The Lifecycle of Enterprise Information
The Hard Reality:
Organizations cannot secure what they do not manage
Retire
EMC’s Information Infrastructure Platform
Information Lifecycle Management
Intelligent Information Mgmt Software
Resource
Mgmt
Archiving Software
Data Mobility Software
Protection Software
Tiered Storage
Services and Partners
Virtualization
Content Management Software
EMC’s Information Infrastructure Platform
Information Lifecycle Management
Intelligent Information Mgmt Software
Resource
Mgmt
Archiving Software
Where’s
Security?
Data Mobility Software
Protection Software
Tiered Storage
Services and Partners
Virtualization
Content Management Software
Introducing Information-centric Security
secure enterprise data
Preserve the confidentiality and integrity
of critical data wherever it resides
secure customer access
Offer self-service channels, prevent fraud,
and enhance consumer confidence
secure access
secure data
customers
secure partner access
Open internal systems to trusted partners
partners
employees
secure employee access
Enable secure, anytime, anywhere access
to corporate resources
security information management
manage security information
Comply with security policy and regulations
Secure Customer Access
RSA Capabilities: Adaptive Authentication | Fraud Protection | Transaction Monitoring | Web Access Management
Secure customer
self-service channels
Secure Access
Secure Data
customers
Security Information Management
Halifax Bank of Scotland
reported an 80% reduction in
fraud after deploying RSA
technology.
Provide risk-appropriate
authentication options for customers
on web or phone
Provide secure access to web
portals and applications through
role-based authorization
Monitor online transactions, detect
and flag high-risk activities and
investigate to reduce fraud
Detect and shutdown Phishing
and Pharming attacks
Secure Employee and Partner Access
RSA Capabilities : Strong Authentication | Enterprise SSO | Web Access Mgmt. | Card Mgmt. | Digital Certs.
Securely work with corporate resources
anywhere, anytime; and simplify access
to internal network resources
Secure Access
Secure Data
employees
Security Information Management
Over 20,000 organizations
worldwide use RSA SecurID®
authentication to protect
corporate data and resources
Authenticate authorized remote users to
corporate resources by securely
extending the reach of Web-based
systems
Securely leverage the value of Webbased systems for partner ecosystems
Authenticate authorized partners to
corporate resources and leverage
trusted identities across multiple
corporate domains
Provide secure access to web portals
and applications through role-based
authorization and share trusted identities
across partner domains
Secure Data
RSA Capabilities: Classification | Encryption | Key Mgmt. | Rights Mgmt. | Advisory & Implementation Services
Secure Access
Secure Data
Protect critical structured and
unstructured data wherever it
resides.
Classify sensitive information and
develop appropriate protection
policies and enforcement strategies
Security Information Management
More than 1,000 companies
worldwide embed RSA
BSAFE encryption software in
their applications.
Encrypt sensitive data at the
application level,
in databases, on backup tapes
and storage systems
Manage the lifecycle of encryption
keys across the enterprise
Manage Security Information
RSA Capabilities: Security Information and Event Mgmt. (SIEM) | Enterprise Storage | Implementation Services
Validate compliance with security
policy and regulations
Secure Access
Secure Data
Security Information Management
“RSA enVision® allows us to
do things we simply couldn’t
do before ...
the ROI has been huge.”
Source: Cole Taylor Bank
Efficiently collect and store audit logs
from any IP device
Analyze and manage security
events, perform real-time alerting
and detailed forensic analysis
Analyze data and produce targeted
compliance reports for regulations
and internal policy
Integrate solution with Enterprise
Storage for effective lifecycle
management of log data
Flexible Solutions for a Variety of Needs
secure customer, partner and employee access
Technology Solutions:
Secure Consumer Identities and Access
Secure Enterprise Access
Secure Remote Access
Web Access Management
manage security information
Technology Solutions:
Compliance & Security
Information Management
secure data
Technology Solutions:
Secure Enterprise Data
assessment, planning and implementation services
Offerings include:
Classification for Information Security
Design and Implementation for Security Information Mgmt.
Design and Implementation for Storage Encryption
Your Information Infrastructure
Optimize
Protect
Virtualization
Security
Resource
Mgmt
Availability
Information
Infrastructure
Intelligent
Information
Mgmt
Leverage
Archive
Enterprise
Content
Mgmt
Storage
Store
Information-centric Security
May 2007