Modernizing Authentication — What It Takes to Transform Secure Access
RSA Tuesday trumpeted major enhancements to its data loss prevention (DLP) Suite 9.0 intended to help IT organizations deal with the flood of consumerized IT devices like smartphones and tablets that are increasingly accessing corporate networks.
"The latest release of RSA DLP continues to advance RSA's security management platform through expanded visibility into the risk from sensitive data and helps enable customers to better address security for smartphones and tablets, SharePoint sites and social media, all without compromising on productivity of the end user," said Manoj Nair, vice president of Security Management and Compliance Products at RSA, the security division of EMC.
The enhancements to the newest version of RSA DLP Suite were engineered to help global organizations better discover, monitor and manage risk from sensitive data loss across the infrastructure, whether the sensitive data are accessed via smartphones and tablets, stored in Big Data repositories or provisioned through virtual applications and desktops.
Security is always a balancing act between flexibility and ease of use on the one hand and locking down risk on the other. Most security experts agree that security officers at many organizations are wrestling with this fact as employees are increasingly bringing smartphones and tablets from home into the work environment. These devices can greatly enhance worker productivity, but they are also a challenge to secure and manage from an IT perspective.
"Employees are bringing consumer-grade tools into the enterprise," said Ash Devata, senior manager on RSA's DLP Products team. "They're bringing their own iPads and they're opening their own blogs and so on."
At the same time, Devata said enterprises are also starting to use consumer-grade tools -- for instance, using LinkedIn to find new employees.
These tools can create blind spots in an organization because they're often unmonitored and organizations can't see how they're being used. For instance, organizations can't see what's being downloaded to an iPad. Social media presents a similar risk. It would be trivially easy for an employee to post a highly sensitive road map document on Wikipedia, Devata noted.
"Companies of all sizes are seeking the business benefits of advances in disruptive technologies such s social, mobile and cloud -- collaboration, agility, productivity, innovation, higher growth and lower cost," said Derek Brink, vice president and research fellow for IT Security at research firm Aberdeen Group. "At the same time, most companies are aware that there are associated risks related to security, privacy and compliance of their data that must be managed. Aberdeen's research confirms that the top performers are the ones who balance this risk and reward, who view DLP not as a technology, but as an important element of an enterprise-wise security management program that can scale to help them cope with information explosion and business growth."
DLP 9.0 seeks to help organizations mitigate risk by providing more visibility but without resorting to agents. Devata noted that one of the primary vectors for data loss is e-mail, so DLP 9.0 helps organizations monitor the flow of e-mail that contains sensitive data on the network level.
"We can actually monitor what e-mail is getting downloaded onto devices and force some controls around it," Devata said.
RSA has also added two new DLP process management modules -- DLP Policy Workflow Manager and DLP Risk Remediation Manager -- to help organizations monitor and control the flow of sensitive data on their networks. RSA said the new modules are designed to help organizations better manage the lifecycle of data protection policies and to better manage risk discovered through DLP scans.
In addition, RSA has also introduced grid-based scanning with native support for Microsoft SharePoint sites and Microsoft Exchange repositories with the aim of simplifying the process of discovering and managing risk for data at rest. RSA said this step will help organizations more cost effectively manage the risk introduced by the proliferation of data across various Big Data repositories.
"Organizations not only want to protect their regulatory data such as credit card data and privacy data but also want to gain control on the lifecycle of their intellectual property data," said Chuck Bloomquist, chief technology officer of data loss prevention specialist BEW Global. "RSA offers a set of solutions from DLP and their security management portfolio that can help customers establish a holistic risk management program focused on protecting sensitive data across the infrastructure from e-mail to endpoint."
RSA said DLP Suite 9.0 will be generally available next month.
Thor Olavsrud is a contributor to InternetNews.com, the news service of Internet.com, the network for technology professionals.