How to Choose the Right Cybersecurity Solution REGISTER >
As data breaches continue to hit the headlines, Microsoft and RSA said Thursday they would integrate data protection products in a deepening of their long-standing relationship.
As a result, Microsoft (NASDAQ: MSFT) will embed the data-classification engine of RSA's Data Loss Prevention (DLP) Suite into existing and future products. It also said it would tightly integrate RSA's DLP Suite 6.5 with Windows Server 2008's Active Directory Rights Management Services (RMS) -- which assigns user rights to help control their access to content like intranet sites, e-mails and documents.
"The goal is to give companies a far better way to protect sensitive data and share it securely," said Tom Corn, vice president of products in the Data Security Group at RSA, the security arm of storage vendor EMC, (NYSE: EMC). "We're not just integrating these technologies, but building them into the infrastructure."
The product created by integrating RSA's DLP Suite 6.5 and Microsoft's Active Directory RMS will be shipped later this month, Microsoft said. Running on Windows 2008, it will enable enterprises to automatically apply RMS-based information access and usage policies to content based on its sensitivity.
It will also enable users to implement data loss prevention controls tied to employees' identity or group membership.
"You can define policies centrally about the information you want to protect, have your infrastructure be content-aware, have it understand when it's handling sensitive information according to those policies, and know who's touching that information," RSA's Corn told InternetNews.com.
The bitter with the sweet
While mobile devices are not currently covered by content-aware DLP agents, eventually they will be, Gartner's Proctor said. That will be important, because the number of mobile users in enterprises is growing.
The joint Microsoft-RSA products also are aimed at helping enterprises further leverage their existing technology infrastructure. That could appeal to enterprises eager to avoid ponying up for additional hardware -- something they are all very keen to avoid in this recession.
"We're making sure the investments customers make today carry forward into the future," JG Chirapurath, the director of Microsoft's Identity and Security Business Group, told InternetNews.com. "We'll use infrastructure customers already own, like Active Directory and SharePoint."
Active Directory is used in many enterprises for access control, authentication and policy enforcement. SharePoint, meanwhile, has penetrated corporations rapidly as a collaboration and document management platform.
While implementing the pair's DLP solution may avoid a large additional investment, it may not necessarily be a cakewalk. Network slowdowns could be one unfortunate result, Proctor said.
"DLP can introduce latency if it is not architected and used in the right places on the network," he said.