Locking Down the Enterprise at RSA


Those who want to know what the security industry is doing are paying close attention to the U.S. RSA Conference, this week in San Francisco. If the new products on display are any indication, the theme of this year’s conference is enterprise data security, focusing on data loss prevention (DLP) and compliance with industry and government standards.

RSA set the theme last week with its first announcement related to the show, the release of version 7.0 of its DLP suite.

There’s a clear need for improvements on the desktop, where Microsoft said last week that victims continue to succumb to a whole category of exploits that are avoidable, and also on the business side, where Verizon Business reported serious security lapses at many enterprises.

Numerous companies are announcing new products on the first day of the show, and offerings from CA fit the theme, with the release of an Enterprise Log Manager (ELM), a Role and Compliance Manager (R&CM) and a DLP solution.

As the security landscape changes, CA is adjusting, it said. “Over the past year, we’ve gone through our portfolio and conducted an analysis of our offerings and of where we think the market is going,” said Lina Liberti, vice president of security product marketing for CA.

The result: several acquisitions in the past six months. Although the ELM product was built in-house, the R&CM product builds on CA’s Eurekify acquisition, and the DLP product builds on CA’s Orchestria acquisition, so while CA is willing and able to develop new product lines of its own, it is also able to acquire and integrate them.

With so many products targeting the same areas, Liberti said that CA’s holistic view of security makes it stand out. “We don’t just lock down the servers and say, ‘That’s compliance,’ or just protect the data,” she said. “We take it up to the next level to prove compliance. For example, if you need to show that you’re PCI-compliant, we have a report that shows you don’t have orphan accounts that exceed 90 days.”

While industry regulations are specific, some government regulations are more vague. “Sarbanes-Oxley (SOX) is not as clearly defined,” Liberti said. “But we put the workflow in place to allow you to certify documents and to show that certification has occurred. We are improving, automating, and documenting the process.”

The challenge, Liberti said, is to help companies minimize risk without sacrificing productivity. To prove its value, the software is designed to automate important tasks. In the case of R&CM, it tracks who has access to what. DLP ties back into the identity management features of R&CM, relating the use of data to the people who are using it. Finally, the ELM product automates log management and provides over 200 reports designed to help enterprises meet government and industry standards.

Put it all together, and there are real benefits, Liberti said. “In our keynote at RSA on Tuesday, Dave Hanson, corporate senior vice president and general manager of CA’s security business unit, will explain how the combination of DLP, identity management, and key management demonstrates the value of our holistic approach to security. One plus one gives you ten.”

ELM is priced per log-sourcing device, starting at $120; R&CM is priced per user, starting at $0.70 for external users and $12 per internal user; and DLP is priced based on the number of users in the enterprise, starting at $100,000.

eEye Digital Security is moving in CA’s direction as well, introducing a server version of its desktop protection software. Like so many other security companies, eEye expects compliance to drive sales, said Morey Haber, eEye vice president of business development. He claimed that eEye’s customer service and product quality differentiate its offering from the SMB products of Symantec and McAfee.

“Blink Professional has been available for five years,” Haber said. “eEye is extending that protection to servers to allow the maximum protection of clients’ sensitive data.”

Security management specialist NetIQ is also touting the comprehensive approach with the release of the NetIQ Change Guardian product family, which delivers file management and security information management.

These features were previously part of the NetIQ Security Manager product. Combined, file management and SIM “significantly limit the risk of corporate data loss while continuing to improve the TCO of existing security investments,” Geoff Webb, senior manager of product marketing at NetIQ, said in a statement.

Point prevention

While CA and others tout the total security approach, covering the whole enterprise, other vendors see value in protecting specific areas or preventing specific attacks.

Secure access specialist Passlogix is releasing version 7.0 of its v-GO Access Accelerator Suite to make it easier to change and manage passwords.

Enterprise application whitelisting specialist and pioneer Bit9 also sees demand for a specialized product.

“As long as you have the Heartland scenario, there’s going to be demand for a layer of protection that closes the gap of unauthorized software,” said Tom Murphy, chief marketing officer of Bit9, referring to the massive data breach at Heartland, one of the nation’s largest payment processors.

Bit9 is announcing version 5.0 of its Parity application whitelisting product, which allows administrators to see a real-time picture of the applications running on their network. It also maintains a real-time database of desktop configurations and can compare them, displaying a heat map to make it easy to address anomalous configurations. It connects to Bit9’s reputation service to help administrators decide whether to block or allow any software that is not on the application whitelist.

The cloud

There’s one other trend at RSA: cloud security products. The cloud will be discussed in several keynotes and will be the core feature of a few products on the show floor. E-mail specialist Voltage Security is making its on-premises encryption product available through the cloud. The company touts the product’s ease of use and says that the SaaS offering makes it easier for companies to invite partners, vendors, suppliers, service providers and customers into their “community of trust.”

Datacenter security specialist Third Brigade will be showing off Deep Security 6, which it says is “the first security server designed to defend servers in physical, virtual, and cloud computing environments.”
