Building on a longstanding, multifaceted alliance, EMC and Microsoft Corporation today announced they have expanded their technology partnership to help companies better protect sensitive information and share it in a more secure manner.
The companies will work together with a built-in "systems" approach that helps protect information throughout the infrastructure based on content, context and identity.
The partnership will take advantage of resources and technology from Microsoft and RSA, the security division of EMC. Microsoft will build the RSA Data Loss Prevention (DLP) classification technology into the Microsoft platform and future information protection products.
The resulting collaboration is designed to enable organisations to centrally define information security policy, automatically identify and classify sensitive data virtually anywhere in the infrastructure, and use a range of controls to protect data at the endpoints, network, and data centre.
Additionally, in the near term, RSA's DLP Suite 6.5 will be engineered to integrate tightly with Microsoft Active Directory Rights Management Services (RMS) within Windows Server 2008.
Enterprises face growing risks of data leaks and an increase in compliance and corporate governance requirements. Companies recognise the importance of allowing employees, partners, customers and vendors to use business information within and across company boundaries. But this creates security challenges, as information moves across the infrastructure and is transformed throughout its life cycle. Current information protection solutions are complex and costly. They require separate tools and lack visibility into the sensitivity of the data, the context of identity and centralised policy management.
"Companies continue to struggle to protect sensitive data across the enterprise," said Rob Watson, RSA Country Manager. "Point solutions require that multiple policies and technologies be stitched together and independently managed, which is costly and complex. By building technology such as RSA DLP classification into the infrastructure, Microsoft and RSA are providing a new approach that balances the need to help ensure protection with accessibility."
RSA and Microsoft's new approach helps address customer needs through an end-to-end solution with fewer point tools to buy, deploy and manage. By building DLP classification technology into Microsoft products, the infrastructure becomes content-aware. The solution is designed to allow customers to centrally manage and apply their information security policies, based on user identity, to wherever information lives or is used.
Microsoft is an RSA DLP Suite customer, using the solution to enhance the security of data about payment, customers and intellectual property in thousands of its own file shares and Microsoft Office SharePoint sites. The company chose to work with EMC's RSA Security division based on the accuracy and scalability of the RSA DLP classification technology, and the wide array of its out-of-the-box policies.
"Our expanded partnership with EMC's RSA Security Division is centred on dramatically lowering the cost and complexity of information protection while allowing customers to take full advantage of perhaps their greatest asset: their information. The approach is about built-in solutions, versus bolted-on," said Douglas Leland, general manager of the Identity and Security Business Group at Microsoft. "This collaboration is also a key example of the Microsoft commitment to helping customers secure their environments, boost productivity and reduce IT costs through solutions that incorporate both identity and security technologies."
The first deliverable from the expanded partnership is a tight integration between RSA's DLP Suite and Microsoft rights management technology. Scheduled to ship later this month, version 6.5 of RSA's DLP Suite will include support for Microsoft Active Directory RMS, part of Windows Server 2008. The integration will allow customers to automatically apply RMS-based information access and usage policies, based on the sensitivity of information. In addition, the RSA solution's integration with Active Directory will help enable customers to efficiently implement data loss prevention controls tied to employee identity or group membership.
"Embedding information classification and protection capabilities throughout the infrastructure is an ideal way for an organisation to prevent sensitive information leaks," says Gartner analyst Eric Ouellet. "The automatic application of rights management policies based on content awareness, context, and who is involved is a strong merger of two existing approaches for protecting an organisation's sensitive information that together equal much more than the sum of their parts."
EMC offers a complete range of information security strategy, design and implementation services to help customers protect critical information, manage risk and integrate these solutions into their environments.
More information about RMS is available at http://www.microsoft.com/ida. Information about RSA DLP Suite is available at http://www.rsa.com/dlp.
Share