SecureData, a member of the JSE-listed ERP.com Group and the distributor for RSA Security products in Sub-Saharan Africa, today announced the latter's RSA Key Manager software that enables businesses to effectively manage the lifecycle of encryption keys.
RSA Key Manager is a standalone key management offering that may be integrated with a range of encryption solutions, including RSA BSAFE Data Security Manager software.
The new solution also helps companies comply with the key lifecycle management guidelines of the Payment Card Industry (PCI) Data Security Standard, a global initiative spearheaded by leading payment card companies, which strives to protect consumers' transaction data.
Accor North America, which operates more than 1 200 upscale and economy hotel properties including Sofitel, Novotel, Ibis, Red Roof Inn, Studio 6 and Motel 6, implemented RSA Key Manager and RSA ClearTrust access management software to help address PCI requirements.
"As one of the world's leading travel brands, millions of customers each year rely on Accor North America to provide a safe hotel stay, and we're committed to ensuring our customers' transaction data is just as secure," commented Harvey Ewing, senior director of IT security at Accor North America.
"RSA Key Manager software enables us to effectively manage encryption keys generated enterprise-wide, irrespective of operating system or backend database, providing us with unprecedented flexibility in our integration of encryption to existing applications and infrastructure."
Tackling the key management challenge within new and legacy systems key management is core to an overall encryption strategy; however, most existing encryption solutions lack effective key lifecycle management capabilities. RSA Key Manager software benefits customers with legacy encryption deployments as well as companies deploying RSA BSAFE Data Security Manager software for policy-driven application security. RSA Key Manager software enables businesses to:
* Integrate key management with legacy open source and commercial encryption solutions.
* Centrally manage keys generated by disparate enterprise applications.
* Quickly retire compromised or lost keys, and promptly issue new keys.
* Manage both key lifecycle and encryption rules using a common centralised policy through integration with RSA BSAFE Data Security Manager software.
"Burton Group clients have many pockets of encryption across their organisations, and this 'siloing' of encryption keys may hamper efforts to effectively protect sensitive consumer and enterprise data," added Trent Henry, senior analyst at Burton Group.
"Large companies realise that a successful response to critical security requirements - such as the PCI standards - requires consistent processes for protecting data across the organisation. As a result, they are looking for ways to centralise key management functions and create a security clearinghouse for keys, policies, and standards across many applications and encryption silos."
Achieving PCI data security standard compliance
Though PCI requirements are specific and measurable, research by First Data Corp reports 85% of affected companies have yet to meet PCI standard requirements most often because of difficulties associated with implementing the necessary technology solutions.
RSA Key Manager software lessens this challenge by providing centralised, secure, simplified key lifecycle management for all applications. In contrast to hardware-based solutions, RSA Key Manager does not require the extensive resources needed to deploy appliances at every single retail location, as often required for full PCI compliance. RSA Key Manager software may also be leveraged alongside RSA BSAFE Data Security Manager software, RSA SecurID two-factor authentication technology and RSA ClearTrust access management software as a comprehensive PCI solution.
RSA Key Manager Solution: Key features and benefits
RSA Key Manager is part of RSA Security's enterprise data protection solutions suite, and is rooted in best practices developed by RSA Professional Services. RSA Key Manager software includes a server based on Sun Java technology, client application programming interface (API) and Web-based administration tool. Key features include:
* Point-of-sale (POS) application integration: RSA Key Manager software may be integrated at the POS application level, enabling retailers to manage keys from the start, mitigating the risk associated with branch location encryption.
* Simple interface: RSA Key Manager offers a browser-based interface, allowing administrators to easily manage keys generated by a wide range of applications.
* Intuitive API: The solution offers a simple API that is ideal for software developers unfamiliar with key management.
* Separation of duties: RSA Key Manager leverages RSA ClearTrust access management software to enforce separation of duties, ensuring that no individual may compromise the key management systems or access plaintext keys.
* Stronger authentication support: Organisations may leverage RSA SecurID two-factor authentication technology to provider stronger protection for the RSA Key Manager solution deployment.
* RSA BSAFE Data Security Manager integration: RSA Key Manager functions out-of-the-box with RSA BSAFE Data Security Manager, a solution that enables developers to easily build data security controls into enterprise applications.
"Companies entrusted with private consumer data, particularly information related to payment card transactions, must do everything possible to keep the information safe and secure," added Rick Welch, vice president, Developer Division at RSA Security. "Effective enterprise data protection requires a multi-pronged approach, and the combination of RSA Security solutions, including RSA Key Manager, will enable organisations worldwide to protect their business and customers."
Share
RSA Security Inc helps organisations confidently protect identities and information access. The company secures more than 15 million user identities, safeguards trillions of business transactions annually, and manages the confidentiality of data in tens of thousands of applications worldwide. RSA Security's portfolio of award-winning solutions, including identity and access management, secure mobile and remote access, secure enterprise access, secure transactions and consumer identity protection, sets the standard in the industry. Its strong reputation is built on a 20-year history of ingenuity, leadership and proven technologies, and their 17 000+ customers around the globe. Together with more than 1 000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet.
SecureData
SecureData, an ERP.com company, is Africa's premier IT security solution provider. SecureData's solutions incorporate anti-virus and content security, network security, intrusion prevention software, and network asset management. SecureData's comprehensive "Managed Security Services" include design, audit, implementation, vulnerability assessment, outsourcing and hosting. SecureData distributes, sells and supports category leading IT security products to the public, corporate and SME sectors throughout Africa as well as products and services to the SOHO and consumer markets through partnerships with ISPs. As well as being the sole distributor in Sub-Saharan Africa for Trend Micro, SecureData is the African distributor for US-based TippingPoint Technologies and the southern African distributor for US-based AirDefense, Application Security, eEye, Rocket Software, RSA Security, St Bernard and Websense. For more information, visit SecureData at www.securedata.co.za.
ERP.com
ERP.com is a JSE-listed company focused on the implementation, integration and management of enterprise applications in an e-business environment. For more information, visit ERP.com at www.erpcom.co.za.
Editorial contacts