RSA and Microsoft´s Build in vs.Bolt On “ Kimmo Bergius, Microsoft Petri Vilander, RSA, Security Division of EMC
RSA and Microsoft´s Build in vs.Bolt On “
Kimmo Bergius, Microsoft
Petri Vilander, RSA, Security Division of EMC
Microsoft and RSA partnering with a Built-In “systems” approach to protect sensitive
information throughout the infrastructure based on content, context, and identity
Two Main Components of Announcement:
• Microsoft building RSA Data Loss Prevention (DLP) classification technology
directly into multiple Microsoft products throughout the infrastructure.
• RSA integrating Microsoft Rights Management Services (RMS) and Active
Directory (AD) Groups in DLP 6.5 (Available Dec ‘08)
All RSA DLP solutions today are Future Ready for RSA DLP enabled Microsoft products
RSA and Microsoft share mutual roadmap for Integrated Solutions
• MS SharePoint Security
What Microsoft and RSA did Announce?
3
What a Year!
SIEM Magic Quadrant: May 2008
DLP Magic Quadrant: June 2008
Web Fraud Management MQ:
Jan 2009 TBD
“RSA is vastly more than user authentication; it is a key
portion of how companies protect critical records and
comply with critical regulations.”
ITBusiness Edge, Rob Enderle
“ A Huge Cache of Stolen Financial Data”“ A Huge Cache of Stolen Financial Data”
“Security and Innovation: Why Can’t
We All Get Along”
“EMC, Microsoft Team Up
on Data Security”
4
2008 was a year of strength for RSA
Acceleration in Newer, Growth Categories:• IPV
• enVision
• DLP
Expansion into New Verticals
Creation of New Partnerships• Microsoft
Recognition of Our Market Leadership• RSA Value
• Forrester Wave leadership for DLP
• Gartner Magic Quadrant Leadership for enVision, DLP and IPV (new!)
5
RSA Protection in Action
200 Million+
online identities
protected with
RSA identification
and protection
technology
1 Billion+
applications shipped
with RSA BSAFE®
encryption most widely
deployed software in
the world*
240,000+
events per second
logged from over
80,000+ devices at a
single
RSA enVision®
customer site
30,000+
organizations
protected by
RSA technology
100,000+
online phishing
attacks shut down
by the RSA
Anti-Fraud
Command Center
*Embedded in Microsoft, HP, Sun and IBM operating systems, Internet Explorer and Netscape browsers,Ericsson, Nokia, Motorola phones, major US government agencies and the list goes on
240,000+Events logged per second
200 Million+Identities protected
1 Billion+Applications shipped with BSAFE® Encryption
30,000+Organizations protected
100,000+Phishing attacks shut down
6
RSA Strategy – “RSA System”
1 Holistic
Solution
Build a holistic solution, integrating between and
among products and services from RSA and EMC.
2 Leverage Own strategic aspects of the system: policies,
monitoring and some controls where we are market
leaders. Move into adjacent markets.
3 Integrate Own or partner for key assets in Identity, Intelligence
and Information Infrastructure.
4 Partner
Ecosystem
Build an ecosystem of strategic, market leaders that
control key segments which significantly expand our
footprint.
5 Strategic
Services
A suite of services that allow us to become the
trusted advisor to our customers.
7
CISO’s “View of the World”
RISK
INFORMATION
Protect Important Information
• Sensitive/Legal/Financial
• PII
• IP
Ignore Unimportant Information
• Product Literature
• Marketing Collateral
• Corporate Information
Enable
• Employees
• Customer
• Partners
Disable
• Inexperienced Users
• Disgruntled Employees
• Criminals
• Spies
IDENTITIES
INFRASTRUCTURE
POLICY
COLLECT – ANALYZE – REPORT – RESPOND
Data CenterData Center
ApplicationsApplications
End PointsEnd Points
NetworksNetworks
8
The RSA System
RISK
INFRASTRUCTURE
POLICY
SIEM
INFORMATION
POLICY
SIEM
INFRASTRUCTURE
Data CenterData Center
ApplicationsApplications
End PointsEnd Points
COLLECT – ANALYZE – REPORT – RESPOND
IDENTITIES
POLICY
AuthenticationAccess Controls
DLPEncrypt/ Key Mgmt
POLICYPolicy Management
Console
Are my controls working?
Am I compliant?
NetworksNetworks
Microsoft and RSA partnering with a Built-In “systems” approach to protect sensitive
information throughout the infrastructure based on content, context, and identity
Two Main Components of Announcement:
• Microsoft building RSA Data Loss Prevention (DLP) classification technology
directly into multiple Microsoft products throughout the infrastructure.
• RSA integrating Microsoft Rights Management Services (RMS) and Active
Directory (AD) Groups in DLP 6.5 (Available Dec ‘08)
All RSA DLP solutions today are Future Ready for RSA DLP enabled Microsoft products
RSA and Microsoft share mutual roadmap for Integrated Solutions
• MS SharePoint Security
What Microsoft and RSA did Announce?
Microsoft Building Information Protection Into InfrastructureRSA Providing Complementary Platforms
Add-on
Policies
RSA DLP Enterprise ManagerRSA
Microsoft
E-mail/UCEndpoint Network Apps FS/CMS Storage
Microsoft Information Protection Management
Built-in DLP
Classification
and RMS Controls
Microsoft Environment and Applications
RSA DLP
Endpoint
Complementary
Platforms and
functionality
RSA DLP
Network
RSA DLP
Datacenter
• Future ready: Seamless upgrade path for current DLP customers
• Common policies throughout infrastructure
• Built-in approach to protect data based on content, context, identity
First Step - RSA DLP Suite integrating with Microsoft AD RMS in DLP 6.5 Release (Dec 2008)
3. RSA DLP discovers and
classifies sensitive files
4. RSA DLP applies RMS
controls based on policy
• Automate the application of AD RMS protection based on sensitive information identified by RSA DLP Datacenter and DLP Endpoint Discover
• Leverage AD Groups with DLP Network and Endpoint Enforce for identity or group aware data loss prevention
Microsoft AD RMS Legal
Department
Outside law
firmOthers
View, Edit,
PrintView No Access
Legal
Contracts
RMS
RSA DLP
Find Legal Contracts
Apply Legal Contracts RMS
Contracts
DLP Policy
5. Users request
files - RMS
provides policy
based access
Legal department
Outside law firm
Other
s
Laptops/desktops
File shares SharePoint
2. RSA DLP admin designs
policies to find sensitive data
and protect it using RMS
1. RMS admin creates
RMS templates for
data protection
Microsoft Building Information Protection Into InfrastructureRSA Providing Complementary Platforms
Add-on
Policies
RSA DLP Enterprise ManagerRSA
Microsoft
E-mail/UCEndpoint Network Apps FS/CMS Storage
Microsoft Information Protection
Management
Built-in DLP
Classification
and RMS Controls
Microsoft Environment and Applications
RSA DLP
Endpoint
Complementary
Platforms and
functionality
RSA DLP
Network
RSA DLP
Datacenter
• Future ready: Seamless upgrade path for current DLP customers
• Common policies throughout infrastructure
• Built-in approach to protect data based on content, context, identity
First Step - RSA DLP Suite integrating with Microsoft AD RMS in DLP 6.5 Release (Dec 2008)
3. RSA DLP discovers and
classifies sensitive files
4. RSA DLP applies RMS
controls based on policy
• Automate the application of AD RMS protection based on sensitive information identified by RSA DLP Datacenter and DLP Endpoint Discover
• Leverage AD Groups with DLP Network and Endpoint Enforce for identity or group aware data loss prevention
Microsoft AD RMS Legal
Department
Outside law
firmOthers
View, Edit,
PrintView No Access
Legal
Contracts
RMS
RSA DLP
Find Legal Contracts
Apply Legal Contracts RMS
Contracts
DLP Policy
5. Users request
files - RMS
provides policy
based access
Legal department
Outside law firm
Other
s
Laptops/desktops
File shares SharePoint
2. RSA DLP admin designs
policies to find sensitive data
and protect it using RMS
1. RMS admin creates
RMS templates for
data protection
Monday February 02, 2009
Practice What You Preach: EMC Implements Its Own Solution for Data Loss Prevention
Monday, 05 January 2009 15:46 V.Jay LaRosa, EMC
When technology giant EMC Corp. deployed a data loss prevention (DLP) solution for the first
time, it chose to protect a critical asset: software source code obtained through nearly four dozen
acquisitions.
Like most large companies, EMC is tackling the challenge of data loss prevention (DLP)- keeping
sensitive, confidential and high-value information from “leaking” outside the organization through
unauthorized or unprotected channels. Our efforts are driven by the usual pressures: increased
compliance requirements, the need to manage business risk, and the desire to preserve our
brand.
But we have another compelling reason as well. Our customers expect us to practice what we
preach. And one value we preach, especially through our RSA Security division, is the importance
of protecting critical information assets from external and internal threats.
So it was a logical step for us to take the plunge into data loss prevention, which aims to reduce
losses caused by insider activities, including deliberate misdeeds by wrong-doers and accidental
security lapses caused by unwitting employees, contractors and partners.
Computer Technology Review - newpaper
RSA and Microsoft Integrated Solution MS SharePoint Security
information
identities
infra-structure
• Unfettered growth of SharePoint
sites with lack of central
management of security
• Need for granular, central control
over where sensitive data might
exist and who has access to it
• Need for reporting on actual access
to sensitive data
• Need to ensure SharePoint
configuration is secured
Problem Offer
1- Which Sites Are
Sensitive?
DLP
2- Who’s using those
sites?
EPM
3- How are they using
them?
enVision /EPM
4- Can I control the data? DLP
5- Can I control Access? EPM and SID
6- Can I de-provision? Courion
17
MS SharePoint SecurityQuestions and Capabilities
Known Sites Known Confidential Sites
Confide
ntial
1
Confidential
Sites & Users
2
PPPPPPPP 3
Data Controls
Access Controls56
Event Monitoring
4
Discovery of Sites and Sensitive Information on the sites
Information righs management
– Through integration of DLP and MS RMS
Central Entitlements Management
–Sensitivity awareness through integration with DLP
Monitoring and Reporting of User access and activities
– enVision monitoring DLP and EPM logs
Identity provisioning
Security configuration mgmt
Proposed RSA Solution Components
DLP Datacenter
+EMC ADM
18
EPM + SecurID
enVision
Courion or other partner
Pro svcs, EMC partners
DLP Datacenter
+MS RMS
Finally….
Thank
You
MerciGrazie
Gracias
Obrigado
Danke
Japanese
English
French
Russian
German
Italian
Spanish
Brazilian Portuguese
Arabic
Traditional Chinese
Simplified Chinese
Hindi
Tamil
Thai
Korean
Petri Vilander
Country Manager
+358 (0) 201 202 200
Kimmo Bergius
Chief Security Advisor
+358 (0)50 3428739