RSA Ups Data Loss Prevention Ante

Security | News | Mike Vizard, Tuesday, March 16, 2010
compliance, data loss prevention, EMC
The RSA unit of EMC is expanding the policy management capabilities of its data loss prevention (DLP) software in a new release announced today.

Recognizing that IT organizations need a central approach to managing DLP while also enabling end users to manage governance, RSA is adding new tools that make it easier to share reports with key data stakeholders while continuing to execute policies that can now be extended to documents in multiple languages.

According to Mike Song, senior manager for DLP product marketing, the challenge with DLP right now is how to bring data owners into the process to help identify what data needs to be secured while leaving the bulk of the management process in the hands of IT. This new release is designed to meet that challenge, he said.

In addition, the new release adds an ability to proactively scan Microsoft SharePoint, Lotus Notes and IBM DB2 systems to discover potential risks.

RSA is currently pursuing both a stand-alone strategy for DLP software and partnering with other security vendors, such as Cisco’s IronPort unit, to embed DLP software into other applications. Song said that a dual  approach will allow RSA to increase the adoption of DLP software throughout the enterprise while also contributing to a drop in the total cost for deploying DLP software.

Comments (3) Bookmark and Share

Comments

respond this topic
Thu, 2011-07-21 11:52 — BlackwellAddie (not verified)
Houses are not cheap and not every person is able to buy it. Nevertheless, loans are invented to support people in such kind of cases.
5 Essential Ingredients of a DLP system
Wed, 2010-03-31 01:22 — Wendy - GTB Technologies (not verified)
1. Comprehensive channels coverage. It is impossible to predict which outbound channel the next data leak will occur. Some expected avenues are: corporate email, private email, webmail, blog, instant messenger, P2P application, internal web or FTP server etc. Therefore, the DLP system must cover ALL the relevant channels. The majority of “DLP” systems do not even try to cover all network channels. Typically, they cover SMTP, FTP, HTTP (client side), sometimes HTTPS and instant messaging. This coverage is further handicapped. For example, scanning SMTP, these systems require integration with the corporate email server and inspect only emails sent through it. Emails sent through an external ISP are overlooked. Emails accessed from outside the perimeter through POP3 or HTTP (server side) are ignored by such solutions. The dangers of file sharing applications and exposure of the internal web servers are disregarded. 2. Enforcement Data Leak Prevention, by its definition, requires electronic enforcement of the data security policy – i.e. the product must be able to effectively block transmission of protected data. Many “DLP” products being sold are actually DLD – Data Leak Detection products. They are designed to report what data breaches have occurred, instead of stopping them in real time. 3. Content Inspection The true DLP solution must inspect content. Making decisions based on the form (file type, file attributes etc.) or meta-data (author, language, size of attachment etc.) is not enough. 4. Accuracy The DLP solution must be sufficiently accurate. Among two types of errors (false positives and undetected leaks) the more dangerous error is a false positive. In the enforcement mode, even a small amount (0.1%-0.2%) of false positives can wreak havoc in the organization. Therefore, a DLP solution has to employ detection technology with virtually zero false positives. Another aspect of accuracy is that the DLP system must protect data and not a specific form of its representation. Therefore, the DLP system must be resilient to typical modifications of the data, such as excerpting, embedding, changing file format, re-ordering, re-typing, text re-formatting etc. 5. Non-duplicating protected data. The DLP solution must not duplicate the protected data in any form! If it does, then DLP becomes Data Leak Provoking. But many vendors still sell products, copying the data they are supposed to protect into their internal database. Encrypting such data, or keeping it in the form of the search index is not enough to satisfy this requirement!
Best Enterprise Data Leak Prevention System
Tue, 2010-03-16 16:07 — Jim (not verified)
Price will no longer be the factor in determining whether a Data Loss Prevention system can be implemented within an organization. With Prevensys.com, an entire DLP system costs only $4,995! With a free download trial; there is now no reason why a Small - Medium Size Business will be unable to protect their sensitive data.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <b> <i>

More information about formatting options