Security Solutions for Business Acceleration - PowerPoint PPT Presentation

1 / 41
About This Presentation
Title:

Security Solutions for Business Acceleration

Description:

Airport and Hotel Kiosks. Access from Laptops, BlackBerry devices, SmartPhones etc. ... Example: Jet Blue employs stay-at-home moms to process reservations from home ... – PowerPoint PPT presentation

Number of Views:194
Avg rating:3.0/5.0
Slides: 42
Provided by: emc67
Category:

less

Transcript and Presenter's Notes

Title: Security Solutions for Business Acceleration


1
Security Solutions for Business Acceleration
  • Arun Dhaka
  • Regional Sales Head North East, India

2
Backgrounder Who is RSA?
  • Three MIT Professors developed an encryption
    algorithm (RSA)
  • 1982 RSA Data Security founded
  • 1996 Security Dynamics acquires RSA Data Security
  • 1999 Company renamed and re-branded RSA Security
    Inc.
  • 2006 Company acquired by EMC Corp
  • Additional acquisition of Network Intelligence

3
EMC Information Infrastructure
Information Infrastructurestore protect
optimize leverage
  • Information is one of the only unique and
    valuable assets
  • Over the next four years, gt800 exabytes will be
    added
  • Organizations are responsible for the security,
    privacy, reliability, and compliance of at least
    85 of the information they keep
  • IT organizations are transforming their
    Infrastructure to maximize the value of
    information
  • Protection is a vital capability of Information
    Infrastructure

RSA, The Security Division of EMC launched to
help customers accelerate their business with
confidence
Infrastructure
Source - IDC
4
Is Your Information an Asset or a Liability?
Despite massive investment in security
technology and services
fewer than one in five companies feel that all
their data is adequately protected.
Source Enterprise Strategy Group March 2006
5
Introducing Information-centric Security
  • In the past, guarding the perimeter against
    external threats was sufficient, but

Infrastructure
Data
6
Introducing Information-centric Security
  • Today's organizations are virtual, global, and
    dynamic
  • Perimeters fail to protect data as it moves or
    repel internal threats Perimeter-centric
    security creates boundaries that hinder new
    business models

infrastructure
Data
People
7
Introducing Information-centric Security
  • Information-centric security binds security
    directly to information and the people who need
    it

customers
partners
employees
8
Introducing Information-centric Security
secure enterprise dataPreserve the
confidentiality and integrity of critical data
wherever it resides secure employee
accessEnable secure, anytime, anywhere access to
corporate resources secure partner accessOpen
internal systems to trusted partners secure
customer accessOffer self-service channels,
prevent fraud, and enhance consumer
confidence manage security informationComply
with security policy and regulations
secure data
secure access
customers
partners
employees
security information management
9
Secure Data
RSA Capabilities Classification Encryption
Key Mgmt. Rights Mgmt. Advisory
Implementation Services
Accor North America seamlessly protects
sensitive customer information at more than 1,200
hotel properties.
  • Protect critical structured and unstructured data
    wherever it resides.
  • Classify sensitive information and develop
    appropriate protection policies and enforcement
    strategies
  • Encrypt sensitive data at the application level,
    in databases, in file systems, on backup tapes
    and storage systems
  • Manage the lifecycle of encryption keys across
    the enterprise

Secure Access
Security Information Management
10
Secure Employee Access
RSA Capabilities Strong Authentication Web
Access Mgmt. Card Mgmt. Digital Certificate
Mgmt..
  • Securely work with corporate resources anywhere,
    anytime
  • Secure and simplify access to internal network
    resources
  • Authenticate authorized remote users to corporate
    resources
  • Securely extend the reach of Web-based systems
  • Leverage trusted identities across multiple
    corporate domains

Geisinger Health System delivers potentially
life-saving information to doctors through
Web-based portals.
Secure Access
employees
Security Information Management
11
Secure Partner Access
RSA Capabilities Strong Authentication Web
Access Mgmt. Identity Federation
  • Securely leverage the value of Web-based systems
    for partner ecosystems
  • Authenticate authorized partners to corporate
    resources
  • Provide secure access to Web portals and
    applications through role-based authorization
  • Share trusted identities across partner domains

Milliman nearly doubled its retirement plan
participation by offering services through an
indirect channel.
Secure Data
partners
Security Information Management
12
Secure Customer Access
RSA Capabilities Adaptive Authentication
Identity Verification Fraud Protection
Transaction Monitoring
  • Secure customer self-service channels
  • Provide risk-appropriate authentication and
    identity verification options for customers on
    web or phone
  • Monitor online transactions, detect and flag
    high-risk activities and investigate to reduce
    fraud
  • Detect and shutdown phishing, pharming, and
    trojan attacks
  • Provide secure access to web portals and
    applications through role-based authorization

Halifax Bank of Scotland reported an 80
reduction in fraud after deploying RSA technology.
Secure Data
Secure Access
customers
Security Information Management
13
Manage Security Information
RSA Capabilities Security Information and Event
Mgmt. (SIEM) Enterprise Storage
Implementation Services
  • Validate compliance with security policy and
    regulations
  • Efficiently collect and store audit logs from any
    IP device
  • Analyze and manage security events, perform
    real-time alerting and detailed forensic analysis
  • Analyze data and produce targeted compliance
    reports for regulations and internal policy
  • Integrate solution with Enterprise Storage for
    effective lifecycle management of log data

RSA enVision allows us to do things we simply
couldnt do before ... the ROI has been
huge. Source Cole Taylor Bank
Secure Access
Secure Data
Security Information Management
14
Flexible Solutions for a Variety of Needs
secure employee, partner, and customer
access Technology Solutions Secure Enterprise
Access Secure Remote Access Secure Web
Access Secure Consumer Identities and Assets
secure data Technology Solutions Secure
Enterprise Data
manage security information Technology
Solutions Compliance Security Information
Management
assessment, planning and implementation
services Offerings include Classification for
Information Security Design and Implementation
for Security Information Mgmt. Design and
Implementation for Storage Encryption
15
Todays Focus
  • SecurID
  • SIEM

16
RSA Worldwide Market LeadershipTraditional
Two-Factor Authentication
26
All Others
74
RSA
Source IDC Worldwide Authentication Token Market
Report 2006
17
Access Inside the EnterpriseA Changing
Environment
  • Fact 59 of survey respondents reported
    experiencing a security incident originating from
    inside the enterprise in the last 12 months
  • Increasing exposure inside the enterprise
  • Proliferation of wireless networks inside the
    firewall
  • Multiple groups accessing sensitive information
    (IT, HR, Finance etc.)
  • Enterprise SSO deployments creating vulnerable
    password vaults
  • Drive for convergence of logical and physical
    access requiring management of multiple
    credentials

TheInfoPro Information Security Study, Wave 8,
Winter 2007
18
Defining The InsiderWho has physical or
logical access to network resources?
19
Four Reasons for Security Breaches
20
Secure Enterprise Access SolutionAccelerating
Business Securely
  • Securely provide access to high-value digital
    assets
  • Strengthen security
  • Prevent unauthorized access
  • Protect high-value resources
  • Heighten compliance
  • Track and report user behavior and access
  • Reduce costs
  • Reduce IT costs associated with password
    management
  • Eliminate costs associated with internal security
    breaches
  • Simplify user experience
  • Reduce the challenge of password management
  • Accelerate business
  • Provide seamless access to enterprise resources

21
Changing Business RealityKey Business Drivers
for Secure Remote Access
  • Globalization and growing mobility of the
    workforce
  • Anytime, Anywhere Access
  • Real-time collaboration between employees,
    customers and partners
  • Ready access needed to sensitive corporate
    information
  • Rising use of unmanaged devices and locations
    for remote access
  • Airport and Hotel Kiosks
  • Access from Laptops, BlackBerry devices,
    SmartPhones etc.
  • Growth of compliance regulations
  • SOX, HIPAA, GLBA, OCC etc.
  • Growing sophistication of security attacks
  • Long lasting impact on brand reputation, business
    viability

22
Specific Business Imperatives Further Drive the
Need for Secure Remote Access
  • Tele-working
  • By 2011, 46.6 million corporate employees
    globally will spend at least one day a week
    tele-working
  • By 2011, 112 million will work from home at least
    one day a month
  • State legislation in the U.S. supporting
    tele-working initiatives
  • Home-sourcing
  • Example Jet Blue employs stay-at-home moms to
    process reservations from home
  • Business Acceleration
  • Facilities cost savings through remote offices
  • Hiring the right talentanywhere without
    relocation

Source Gartner
23
Millions of Users Log Into their Networks Remotely
Fact 80 of users rely on insecure passwords to
logon
Frost Sullivan estimates that 20 of VPN
deployments have a strong authentication
component CSI-FBI Computer Crime and
Security Survey, Computer Security Institute,
200658 takes into account Gartner metric of
IT costs 36 RSA estimate of lost user
productivity costs
24
Secure Remote AccessAccelerating Business
Securely
RSA Goal Securely provide access to corporate
information anywhere, anytime
25
Secure Remote Access
RSA capabilities Strong authentication via VPN,
WLAN, and external Web applications
  • Securely work with corporate resources anywhere,
    anytime
  • Secure and simplify remote access to network
    resources
  • Authenticate authorized remote internal
    external users to corporate resources
  • Improve accountability for restricting access to
    corporate and private information
  • Offering
  • RSA SecurID authentication

Over 20,000 organizations worldwide use RSA
SecurID authentication to protect corporate data
and resources
Assure Identities and Access
external remote users
remote employees
26
Building a Secure Remote Access Solution
27
Authentication ChoicesRelative Strength
PIN
PIN
PIN



or

PASSWORD
Three factor
Two factor
Single factor
Stronger
Weak
Strongest
28
Secure One-Time PasswordHow RSA SecurID
authentication works
An authenticator generates a random pass code
every 60 seconds
29
RSA Secure Enterprise Access Technology Solution
RSA SecurID offersChoice
30
RSA enVision Market Proven Leadership

Technology Partners
31
RSA enVisionMarket-Proven Leadership
  • 800 customers
  • 50 of Fortune 10
  • 40 of top Global Banks
  • 30 of top US Banks

Energy Utility
Retail Hospitality
MSSP
Healthcare
Fortune 500
Financial Services
32
RSA Worldwide Market LeadershipSecurity
Information and Event Management
33
The Enterprise TodayMountains of data, many
stakeholders
How to collect protect all the data necessary
to build a platform for compliance and security
operations
How to analyze and manage all the data to
transform the information into actionable
knowledge and intelligence
34
Challenge Growth of Enterprise SilosRedundant
Information Management
35
Solution RSA enVisionAn Information Management
Platform
Compliance Operations
Security Operations
Access Control Configuration Control Malicious
Software Policy Enforcements User Monitoring
Management Environmental Transmission Security
Access Control Enforcement SLA Compliance
Monitoring False Positive Reduction Real-time
Monitoring Unauthorized Network Service
Detection More
All the Data
Log Management
Any enterprise IP device Universal Device
Support (UDS) No filtering, normalizing, or data
reduction Security events operational
information No agents required
For Compliance Security Operations
36
RSA enVision A Platform for Security Operations
Internal Systems Applications Secure
operations of all systems and data associated
with internal network services and applications
eCommerce Operations Secure operations of all
systems and data associated with eCommerce
operations
Perimeter Network Operations Securely connect the
enterprise to the Internet and other required
corporate entities
37
RSA EnvisionThe Information Management Platform
Checklist
?
  • Collects, Manages Analyzes All the Data
  • Any enterprise IP device
  • Security exception events and IT operations
    information
  • No filtering, normalizing, or data reduction
  • Offers Single Global View
  • Access and analysis of All the Data across
    sites/geographies
  • Secure Access Control
  • Supports All Devices
  • Hundreds of supported devices
  • Flexible XML UDS engine for easy integration of
    legacy devices, homegrown applications
  • Installs Non-invasively
  • No Agents
  • Easy integration with customer infrastructure

?
?
?
38
RSA EnvisionThe Information Management Platform
Checklist
?
  • Interoperable Extensible
  • All the Data architecture
  • All devices support
  • Enables Compliance and Security Operations
  • Delivers Cradle to Grave ILM
  • Security information managed throughout its
    lifecycle
  • Automatic deployment of customer defined
    retention policies
  • Implements High Availability Infrastructure
  • Non-stop collection architecture
  • Dual Hot Standby server configuration
  • Best-of-breed storage reliability and
    fault-tolerant design

?
?
39
RSA EnvisionThe Information Management Platform
Checklist
?
  • Scales without interruptions
  • From single appliance to multiple appliance
    deployment
  • On-the-fly additional storage capacity
  • Delivers High and Consistent Application
    Performance
  • Parallel architecture ensures alert performance
  • Purpose-built for high-performance requirements
  • Minimizes Operational Costs
  • Compressed data store
  • Easy to deploy appliance package
  • No DBA resources required
  • No agents required

?
?
40
EMC Corporation
At a Glance
Revenues (2007) gt12.7 billion Employees (end
Q2 worldwide) gt33,000 (end Q2 outside
U.S.) gt12,000 Countries 85 RD Investment
(2007) 1.4 billion Market Capitalization
(July 27) 39 billion Cash and Investments
(end Q2) 5.9 billion Founded 1979
EMCs expectations as stated in July 24, 2007
earnings news release based on annual run rate
of Q2
41
Information-centric Security
Write a Comment
User Comments (0)
About PowerShow.com