• No results found

RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA"

Copied!
21
0
0

Loading.... (view fulltext now)

Download now ( 21 Page )

Full text

(1)

RSA, The Security Division of EMC

Zamanta Anguiano

(2)

The Age of the Hyperextended Enterprise

2

Hyperextended

Enterprise

Complex

Risk, Security and

Compliance Environment

Supply Chain

IT Consumerization

Customer

Services

Innovation

Collaboration

Expanding

Identities

Exploding

Information

Evolving

Infrastructure

Increasing

Regulations

BUSINESS ISSUES

IMPACT

Virtualization and

Cloud Computing

(3)

Point Tool Policy Team

Traditional Approach

Point Tool Policy Team Point Tool Policy Team Network Endpoint Applications

Siloed

Inflexible

Inconsistent

Costly

(4)

Our Customers Are Asking Themselves

4

Am I secure?

Am I compliant?

Where do I have gaps?

How do I prioritize?

(5)

Our Customers Are Asking Themselves

5

Can I do this affordably?

(6)

Meeting our Customers’ Challenges

Prove

Compliance

Consistently &

Affordably

Secure

Virtualization

& Cloud

Computing

Secure Access

for Increased

Mobility &

Collaboration

Manage Risk

and Threats

Throughout

Enterprise

6 How?

(7)

Managing Risk and Threats

7

No clear visibility to

threats and exposures

Inability to adequately

(8)

What We’ve Heard

Risk and Threat Management

CHALLENGE

Single dashboard for managing risk

Regular feed of current and relevant threat information

Gap analyses and security assessments Ability to

discover, monitor and protect sensitive data as it travels Automated incident and threat management process integrated with embedded detection tools and controls Easy-to-use tools for dashboarding compliance, reporting, forensics analysis Siloed view of risk

Can’t respond quickly enough to incidents

Don’t have a good handle on vulnerabilities

Security measures don’t address internal and external threats

Difficult to prioritize threats and incidents

8 MENU

REQUIREMENT

SOLUTION

Comprehensive view of external threats, sensitive data

(9)

What We’ve Heard

Fraud Management

CHALLENGE

24 x 7 x 365 dedicated anti-fraud cybercrime operation

Ability to share cybercrime across thousands of networked organizations Accurate, real-time

fraud/threat detection with minimal impact to user experience

Layered defense strategy to safely offer new products and services Knowledge and prevention of fraud losses MENU 9 Difficult to balance tradeoff between strong security and user

experience

Can’t keep pace with cybercriminal

innovation and tactics

Unaware of the money, credentials, assets identities that my business is losing

Prevented from offering new services/products due to lack of controls

REQUIREMENT

SOLUTION

Cybercrime defense strategy to prevent unauthorized use

(10)

Prove Compliance Consistently

and Affordably

10

Difficult to keep track of

changing regulations

Time consuming

manual processes

Unclear view of

compliance posture

(11)

What We’ve Heard

Prove Compliance Consistently and Affordably

CHALLENGE

Centralized policy system powered by content from a community of experts Automated compliance process integrated with well-defined controls and reporting

Streamlined, repeatable system

Ability to discover, monitor and protect sensitive information

Real-time alerting

Flexible dashboards and reports for compliance

Tailored dashboards to get the right information to the right people when they need it

11 MENU

Can’t keep up with changing regulations

Wasting time and money with inefficient, manual processes

Not sure if we’re non-compliant

No way to communicate compliance posture throughout the organization

REQUIREMENT

SOLUTION

Easier audits, minimized exposure, improved focus

(12)

Secure Access for Increased Mobility

and Collaboration

12

Lack of confidence in

secure access

Struggle with

one-size-fits-all security

Security impeding new

business initiatives

(13)

What We’ve Heard

Secure Access for Increased Mobility and Collaboration

CHALLENGE

Strong authentication for workforce, partners customers

Flexibility to enforce policies and controls – by user, document, site or transaction

Range of authentication mechanisms for various applications and profiles Single sign-on capabilities for reduced costs and increased user satisfaction

Global threat detection and takedown

Corporate identities, credentials and systems recovery

Confidence that only legitimate users are accessing

your information

Ability to monitor all user activity on the network

13 MENU

Unclear who is remotely accessing our systems and what they are doing inside the network

Users bypass cumbersome security mechanisms --putting corporate resources at risk

Not prepared to address attacks against our organization

Security is impeding new business

initiatives such as VDI and outsourcing

REQUIREMENT

SOLUTION

Enable collaboration between employees, partners

(14)

Securing Virtualization and Cloud

14

Security is

impeding adoption

Proceeding without security

policies and processes

Lack of visibility

and control

(15)

What We’ve Heard

Virtual Desktop Security

CHALLENGE

Expertise and best practices for secure Virtualization; EMC, VMware and RSA

Identify and protect sensitive information in use on virtual desktops

Two factor authentication for user and

administrator access

Monitor security events across VDI to integrate into existing security operations and compliance reporting

15 MENU

Slow VDI rollout due to security concerns; Increasing costs and risks

Lack of control over information on 3rd party desktops and employee

laptops

Need to protect access to VDI

Visibility into security events and compliance across VDI

REQUIREMENT

SOLUTION

Realize business benefits of virtualizing desktops

(16)

What We’ve Heard

Virtual Business Applications Security

CHALLENGE

Enforce a single data security policy -- physical and virtual

Collect and correlate security and compliance events – physical and virtual

Enforce secure access for privileged users

Integrated solution to secure the virtual

infrastructure, access to it, and information within it Expertise and best

practices for secure virtualization – EMC, VMWare, RSA

MENU

Need to better understand security and compliance risks in virtualized

environment

Lack the visibility and controls in a virtualized environment that we have in physical IT environment

Our virtual servers are less secure than the physical servers they replace

REQUIREMENT

SOLUTION

Realize the benefits of virtualization for mission critical

(17)

BUSINESS DRIVERS

How We Do It

System for Managing Security, Risk and Compliance

Define Policy

Map to Controls

Assess Risk and

Report

Add

Context

Monitor | Audit | Report

Correlate

Collect

Manage

Monitor

Detect

Enforce

IDENTITIES

INFRASTRUCTURE

INFORMATION

Manage Governance, Risk + Compliance

(18)

RSA Archer eGRC Suite

(19)

MAAGTIC

(20)

Why our Customers Choose RSA

Integrated Approach to Managing

Security, Risk and Compliance

Connecting governance, evidence and

controls

Industry Leadership &

Market-Leading Products and Services

Authentication, Data Loss Prevention,

eGRC, SIEM, Web Fraud Protection

Out-of-the-Box Expertise

…about regulations, threats and best

practices, built by teams of experts

20

EMC Connection

Investing in our customers’

success

Built-in Versus

Bolted-on Security

Embedding controls directly into

the infrastructure

RSA Community

Security and eGRC experts

collaborating on challenges and

trends

(21)

References

Download now ( PDF - 21 Page - 819.08 KB )

Related documents

CHANGING THE SECURITY MONITORING STATUS QUO Solving SIEM problems with RSA Security Analytics

RSA Security Analytics is the security solution that enables comprehensive security monitoring, incident detection and investigation, long term archiving and analytics, Big

EMC Security for Microsoft Exchange Solution: Data Loss Prevention and Secure Access Management

• RSA Authentication Manager agents installed on Windows 2003 R2 • RSA Authentication Manager PAM module on VMware ESX Server 3.5 • Microsoft ISA 2006 server with embedded

RSA, The Security Division of EMC envision platform v4.0 SP 1. Security Target

EAN _RDR.1 (EXP), Restricted data review, defines the requirements for who can access event data and ensures that event data is formatted in a manner suitable for

RSA, The Security Division of EMC RSA Data Loss Prevention Suite v6.5. Security Target

The SFR meets the objective by requiring that only the Admin Role and authorized Limited Admin roles be permitted to perform management actions on the DLP Network

RSA, The Security Division of EMC RSA Access Manager v6.1. Security Target

The TSF shall enforce the [Authorization Server Access Control Policy] to restrict the ability to [change_default, query, modify or delete] the security

EMC Symmetrix Data at Rest Encryption

Unencrypted data Encrypted data Management traffic RSA Key Manager Client RSA Embedded Key Manager Server Service Processor...

STATE OF NEW JERSEY CONSOLIDATED ANNUAL PERFORMANCE AND EVALUATION REPORT FFY 2009

During the performance period, July 1, 2009 to June 30, 2010 the DCA leveraged its HOME funds with State and other federal resources, to construct affordable housing,

100 key research questions for the post-2015 development agenda

*Research Fellow, Sheffield Institute for International Development, The University of Sheffield, UK, School of Natural Resources and Environment, The University of Michigan, USA