The IT industry needs a consistent framework to move towards Sustainable Security— one that we can build, deploy and support throughout the lifecycle of the infrastructure, and indeed, the information itself.
At EMC and RSA, the framework we use for a secure information infrastructure is built on three tiers—secure products, security products and secure processes. The concept is to design as complete a security profile in our products as possible, and to manage this level of security throughout the product’s entire build, deploy, support lifecycle.
There are two drivers for this commitment at EMC: we will and we can! First, our customers demand it, so we will. Second, with our leading RSA security technologies, we can, and can do so really well.
Secure Products— Tightening the Security Perimeter
Over the past few years, we have aggregated the security requirements of vast numbers of our global customers into a corporate policy, process and technology. This is our security mantra, continually being upgraded, and veritably alive. [See attached document of how the EMC Product Security Office sustains this function across our multi-billion dollar enterprise.]
And as we aggregate our RSA technologies into a common security platform, offering security services to EMC products, we bake in the highest levels of security inherent in this platform. From this core, products engage in their own security methodologies per our corporate security development lifecycle processes.
Delivery? Secure products—built, deployed, supported securely.
Security that is comprehensive, consistent and conforming.
Security Products— Consolidating Security Layers
Now for the matter of complementary security products. Many of these are deeply engineered to be integrated and optimized with EMC products. But also with many other heterogeneous platforms, too. RSA’s authentication systems, data leakage prevention, data assessment and discovery, date encryption solutions and log management are just as much independently support infrastructure security.
This vast portfolio permits us to enable a secure information infrastructure even further. For example, our EMC network change and configuration management product [Voyence] works in tandem with our RSA log management solution [enVision] to not only offer security for network infrastructures, but also leverages the same audit and log management platform across server, storage, management and security platforms as well! [See press release]
And this is just the beginning, as EMC continues to consolidate disjointed security environments, thus helping with policy and management orchestration across infrastructures.
Security Processes—Increasing Assurance
Finally, organizations must deploy security for the best resolution of their business risks. EMC, with its infrastructure experience, secure products and security products is one of the few corporations in the world who can belt out effective processes that sustain an organization’s security processes themselves. This is one of the foundations for governance, risk and compliance management. A great example is the timely Fair and Accurate Credit Transaction Act [FACTA] consulting service where EMC develops complete processes, designs and offers the RSA infrastructure components to deliver on compliance for credit transactions in the financial industry. [See press release]
So it’s all doable—An Increasingly Secure Information Infrastructure
We are in the first stages of where the industry is going and the quest is certainly not exclusive to EMC either. But with a great head start, the security assets of RSA, and the financial muscle to develop integrated solutions, EMC is already delivering on its security framework and enabling a secure information infrastructure.
Sustainable Security with demonstrable payback—more next time…
Comments