Security Solutions for Business Acceleration
Arun Dhaka
Regional Sales Head – North & East, India
2
Backgrounder: Who is RSA?
Three MIT Professors developed an encryption algorithm (RSA)
1982 RSA Data Security founded
1996 Security Dynamics acquires RSA Data Security
1999 Company renamed and re-branded RSA Security Inc.
2006 Company acquired by EMC Corp
• Additional acquisition of Network Intelligence
Ron Rivest
Adi Shamir
Leonard Adleman
3
EMC: Information Infrastructure
Information is one of the only unique and valuable assets
Over the next four years, >800 exabytes will be added *• Organizations are responsible for
the security, privacy, reliability, and compliance of at least 85% of the information they keep
IT organizations are transforming their Infrastructure to maximize the value of information
Protection is a vital capability of Information Infrastructure
InfrastructureInfrastructure DataDataPeoplePeople
Transactions
Information Infrastructurestore | protect | optimize | leverage
RSA, The Security Division of EMC – launched to help customers accelerate their business with
confidence
* Source - IDC
4
Is Your Information an Asset or a Liability?
… fewer than one in five companies feel that all their data is adequately protected.”
Source: Enterprise Strategy Group March 2006
“Despite massive investment in security technology and services…
82%82%
18%18%
5
Introducing Information-centric Security
In the past, guarding the perimeter against external threats was sufficient, but…
InfrastructureInfrastructure DataDataPeoplePeople
Transactions
6
infrastructure DataPeople
Introducing Information-centric Security
partners
customers
employees
Today's organizations are virtual, global, and dynamic Perimeters fail to protect data as it moves or repel internal threats
Perimeter-centric security creates boundaries that hinder new business models
7
Introducing Information-centric Security
partners
customers
employees
Information-centric security binds security directly to information and the people who need it
customers
partners
employees
8
secure datasecure access
Introducing Information-centric Security
customers
partners
employees
security information managementsecurity information management
secure enterprise dataPreserve the confidentiality and integrity of critical data wherever it resides
secure employee accessEnable secure, anytime, anywhere access to corporate resources
secure partner accessOpen internal systems to trusted partners
secure customer accessOffer self-service channels, prevent fraud, and enhance consumer confidence
manage security informationComply with security policy and regulations
9
Accor North America seamlessly protects sensitive customer information at more than 1,200 hotel properties.
Secure DataSecure DataSecure AccessSecure Access
Security Information ManagementSecurity Information Management
RSA Capabilities: Classification | Encryption | Key Mgmt. | Rights Mgmt. | Advisory & Implementation Services
Secure Data
Protect critical structured and unstructured data wherever it resides.
• Classify sensitive information and develop appropriate protection policies and enforcement strategies
• Encrypt sensitive data at the application level, in databases, in file systems, on backup tapes and storage systems
• Manage the lifecycle of encryption keys across the enterprise
10
Secure DataSecure Data
Secure Employee Access
Securely work with corporate resources anywhere, anytime
• Secure and simplify access to internal network resources
• Authenticate authorized remote users to corporate resources
• Securely extend the reach of Web-based systems
• Leverage trusted identities across multiple corporate domains
Secure AccessSecure Access
employees
Geisinger Health System delivers potentially life-saving information to doctors through
Web-based portals.
RSA Capabilities : Strong Authentication | Web Access Mgmt. | Card Mgmt. | Digital Certificate Mgmt..
Security Information ManagementSecurity Information Management
11
Secure AccessSecure Access Secure DataSecure Data
Secure Partner Access
Securely leverage the value of Web-based systems for partner ecosystems
• Authenticate authorized partners to corporate resources
• Provide secure access to Web portals and applications through role-based authorization
• Share trusted identities across partner domains
partners
Milliman nearly doubled its retirement plan participation by offering services through
an indirect channel.
RSA Capabilities: Strong Authentication | Web Access Mgmt. | Identity Federation
Security Information ManagementSecurity Information Management
12
Secure DataSecure Data
Halifax Bank of Scotland reported an 80% reduction in
fraud after deploying RSA technology.
Secure Customer Access
Secure customer self-service channels• Provide risk-appropriate
authentication and identity verification options for customers on web or phone
• Monitor online transactions, detect and flag high-risk activities and investigate to reduce fraud
• Detect and shutdown phishing, pharming, and trojan attacks
• Provide secure access to web portals and applications through role-based authorization
Secure AccessSecure Access
customers
RSA Capabilities: Adaptive Authentication | Identity Verification | Fraud Protection | Transaction Monitoring
Security Information ManagementSecurity Information Management
13
Secure AccessSecure Access Secure DataSecure Data
Manage Security Information
Validate compliance with security policy and regulations
• Efficiently collect and store audit logs from any IP device
• Analyze and manage security events, perform real-time alerting and detailed forensic analysis
• Analyze data and produce targeted compliance reports for regulations and internal policy
• Integrate solution with Enterprise Storage for effective lifecycle management of log data
Security Information ManagementSecurity Information Management
“RSA enVision® allows us to do things we simply couldn’t
do before ... the ROI has been huge.”
Source: Cole Taylor Bank
RSA Capabilities: Security Information and Event Mgmt. (SIEM) | Enterprise Storage | Implementation Services
14
Flexible Solutions for a Variety of Needs
secure employee, partner, and customer access
Technology Solutions:Secure Enterprise AccessSecure Remote Access
Secure Web AccessSecure Consumer Identities and Assets
manage security information
Technology Solutions:Compliance & Security
Information Management
assessment, planning and implementation services
Offerings include:Classification for Information Security
Design and Implementation for Security Information Mgmt.Design and Implementation for Storage Encryption
secure data
Technology Solutions:Secure Enterprise Data
15
Today’s Focus
SecurID
SIEM
16
RSA Worldwide Market LeadershipTraditional Two-Factor Authentication
RSA
All Others
Source: IDC Worldwide Authentication Token Market Report 2006
74%
26%
17
Access Inside the EnterpriseA Changing Environment
Fact: 59% of survey respondents reported experiencing a security incident originating from inside the enterprise in the last 12 months*
Increasing exposure inside the enterprise• Proliferation of wireless networks inside the firewall
• Multiple groups accessing sensitive information (IT, HR, Finance etc.)
• Enterprise SSO deployments creating vulnerable password vaults
• Drive for convergence of logical and physical access requiring management of multiple credentials
*TheInfoPro Information Security Study, Wave 8, Winter 2007
18
Defining “The Insider”Who has physical or logical access to network resources?
Contractworkers
Employees
Consultants
Visitors
Maintenance personnel
Interns
19
Four Reasons for Security Breaches
1.1. IgnoranceIgnorance Insiders do not understand or are not familiar with the existing security policies
2.2. Carelessness Carelessness Insiders do not think about how their actions will break the rules, resulting in a breach of security
3.3. Disregard of Disregard of security security policies policies
Insiders will act in ways that make their lives easier, even if it involves going against security policies (ex. writing passwords on sticky notes)
4.4. MaliciousnesMaliciousnesss
Insiders will purposely damage, destroy or compromise an enterprise’s intellectual property – for financial gain or personal satisfaction
20
Secure Enterprise Access SolutionAccelerating Business Securely
Securely provide access to high-value digital assets• Strengthen security
• Prevent unauthorized access• Protect high-value resources
• Heighten compliance• Track and report user behavior and access
• Reduce costs• Reduce IT costs associated with password management• Eliminate costs associated with internal security breaches
• Simplify user experience• Reduce the challenge of password management
• Accelerate business• Provide seamless access to enterprise resources
21
Changing Business RealityKey Business Drivers for Secure Remote Access
Globalization and growing mobility of the workforce
• Anytime, Anywhere Access
Real-time collaboration between employees, customers and partners
• Ready access needed to sensitive corporate information
Rising use of unmanaged devices and locations for remote access
• Airport and Hotel Kiosks
• Access from Laptops, BlackBerry devices, SmartPhones etc.
Growth of compliance regulations
• SOX, HIPAA, GLBA, OCC etc.
Growing sophistication of security attacks
• Long lasting impact on brand reputation, business viability
22
Specific Business Imperatives Further Drive the Need for Secure Remote Access
Tele-working
• By 2011, 46.6 million corporate employees globally will spend at least one day a week tele-working*
• By 2011, 112 million will work from home at least one day a month*
• State legislation in the U.S. supporting tele-working initiatives
Home-sourcing
• Example: Jet Blue employs stay-at-home moms to process reservations from home
Business Acceleration
• Facilities cost savings through remote offices
• Hiring the right talent…anywhere without relocation
* Source: Gartner
23
Fact: 80%* of users rely on insecure passwords to logonFact: 80%* of users rely on insecure passwords to logon
Millions of Users Log Into their Networks Remotely
Organizational challenges
Heightened security risk Cost of a security breach is approximately $203,000**
Poor compliance Fees and criminal penalties related to non-compliance
Increased costsIndustry averages put password-reset and User ID issues at about 35% of all help desk call volumes; each call costs approximately $58***
Suboptimal user experience and productivity
The average user has to remember 20+ passwords for the systems and applications they access
Missed business opportunities
Inability to grow the business due to lack of real-time info exchange between stakeholders
*Frost & Sullivan estimates that 20% of VPN deployments have a strong authentication component **CSI-FBI “Computer Crime and Security” Survey, Computer Security Institute, 2006***$58 takes into account Gartner metric of IT costs =$36 + RSA estimate of lost user productivity costs
24
RSA Goal: Securely provide access to corporate information anywhere, anytimeRSA Goal: Securely provide access to corporate information anywhere, anytime
Secure Remote AccessAccelerating Business Securely
Strengthen security
Utilize industry best practices to validate user identities and access
Enhanced compliance
Ensure effective tracking and reporting for who accessed what
Reduce costsReduce IT costs associated with user password administration
Securely support remote office initiatives
Heightened user productivity
Eliminate user frustration and lost productivity associated with passwords
Business acceleration
Connect key internal and external stakeholders for business enablement
25
Secure Remote Access
Securely work with corporate resources anywhere, anytime• Secure and simplify remote access to
network resources
• Authenticate authorized remote internal & external users to corporate resources
• Improve accountability for restricting access to corporate and private information
Offering• RSA SecurID® authentication
RSA capabilities: Strong authentication via VPN, WLAN, and external Web applications
Infrastructureand Data
Infrastructureand Data
Assure Identities
and Access
Assure Identities
and Access
remote employees
Over 20,000 organizations worldwide use RSA
SecurID® authentication to protect corporate data and
resources
external remote users
26
Building a Secure Remote Access Solution
Who are the end users and what are their access methods?
Employees, Partner, Customers
VPN (IPSec, SSL), Outlook Web Access, Citrix…
Matching strong authentication solution to business needs
Strategic Fit, User Management, Cost
– Strategic Fit: Appropriate Security, Interoperability, Choice & Flexibility
– User Mgmt: Convenience, Portability
– Cost: Deployment, Acquisition, Operational
Ensure a common platform for compliance and security operations
Repeatable Process for User Access Tracking
Ensure a repeatable process for enhanced compliance
27
Authentication Choices—Relative Strength
Weak Strongest
Single factorSingle factor Two factorTwo factor Three factorThree factor
PIN
+PIN
+
+
PASSWORD
+PIN
Stronger
or
28
Secure One-Time PasswordHow RSA SecurID® authentication works
User enters Passcode(PIN + token code)
User Authenticated!
Authentication Agent
Authentication Manager
Calculates passcode
An authenticator generates a random pass code every 60 seconds
29
RSA Secure Enterprise Access Technology Solution RSA SecurID® offers…Choice…
30
Over 800 major enterprise and government accountsMarket Presence
Information Management Platform for transforming event, log, asset and other data into actionable related intelligenceVision
Proven Patent-pending Internet Protocol Database™ (IPDB)
All the data for compliance and security successTechnology
RSA enVision – Market Proven LeadershipRSA enVision – Market Proven Leadership
Partners
- Cisco- Juniper- Nortel- Foundry
- Symantec- ISS- McAfee- Check Point- RSA
- Microsoft- Linux / Unix- Sun / HP- IBM AS400/Main
- MS Exchange- Oracle- MS SQL
- Websense- Bluecoat- Apache- EMC
Network Security Operating System Application Other
Over 130 device partners
Accolades“Leader, 3rd Year in a Row”“Only vendor with all the data”
“Excellent”“2005 Appliance bake-off winner”
“Leader”“Largest Market Presence”
Technology Partners
31
Retail & Retail & HospitalityHospitality
HealthcareHealthcare
Financial ServicesFinancial Services
Energy & UtilityEnergy & Utility
Fortune 500Fortune 500
RSA enVisionMarket-Proven Leadership
800+ customers 50% of Fortune 10 40% of top Global Banks 30% of top US Banks
MSSPMSSP
32
RSA Worldwide Market LeadershipSecurity Information and Event Management
33
The Enterprise TodayMountains of data, many stakeholders
Router logs
IDS/IDP logs
VPN logs
Firewall logs
Switch logs
Windows logs
Client & file server logs
Wireless access
logs
Windows domain logins
Oracle Financial Logs
San File Access Logs
VLAN Access & Control
logs
DHCP logs
Linux, Unix, Windows OS
logs
Mainframe logs
Database Logs
Web server activity logs
Content management logs
Web cache & proxy logs
VA Scan logs
Configuration ControlLockdown enforcement
Access Control EnforcementPrivileged User Management
Malicious Code DetectionSpyware detection
Real-Time MonitoringTroubleshooting
UnauthorizedService Detection
IP Leakage
False Positive Reduction
User Monitoring SLA Monitoring
How to collect & protect all the data necessary to build a platform
for compliance and security operations
How to analyze and manage all the data to transform the information
into actionable knowledge and intelligence
34
COMMERCIALAPPLICATIONS
INTERNAL APPLICATIONS
OPERATING SYSTEMS
SECURITYINFORMATION
NETWORKINFORMATION
DATABASE SYSTEMS
STORAGE
Challenge: Growth of Enterprise SilosRedundant Information Management
35
Solution: RSA enVisionAn Information Management Platform…
Compliance Operations Security OperationsAccess Control
Configuration ControlMalicious Software
Policy EnforcementsUser Monitoring & Management
Environmental & Transmission Security
Access Control EnforcementSLA Compliance MonitoringFalse Positive ReductionReal-time MonitoringUnauthorized Network Service DetectionMore…
All the Data
Log Management
Any enterprise IP device – Universal Device Support (UDS)
No filtering, normalizing, or data reduction
Security events & operational information
No agents required
Server Engineering Business Ops. Compliance Audit Application & DatabaseNetwork Ops.Risk Mgmt. Security Ops. Desktop Ops.
ReportAlert/Correlation
Incident Mgmt.Log Mgmt.
Asset Ident. Forensics
Baseline
…For Compliance & Security Operations
36
RSA enVision A Platform for Security Operations
eCommerce Operations
Secure operations of all systems and data
associated with eCommerce operations
Internal Systems & Applications
Secure operations of all systems and data
associated with internal network services and
applications
Perimeter Network
OperationsSecurely connect the
enterprise to the Internet and other required corporate
entities
37
Collects, Manages & Analyzes “All the Data” Any enterprise IP device
Security exception events and IT operations information
No filtering, normalizing, or data reduction
Offers Single Global View Access and analysis of All the Data across sites/geographies
Secure Access Control
Supports All Devices Hundreds of supported devices
Flexible XML UDS engine for easy integration of legacy devices, homegrown applications
Installs Non-invasively No Agents
Easy integration with customer infrastructure
RSA Envision:The Information Management Platform Checklist
38
Interoperable & Extensible All the Data architecture
All devices support
Enables Compliance and Security Operations
Delivers Cradle to Grave ILM Security information managed throughout its lifecycle
Automatic deployment of customer defined retention policies
Implements High Availability Infrastructure Non-stop collection architecture
Dual Hot Standby server configuration
Best-of-breed storage reliability and fault-tolerant design
RSA Envision:The Information Management Platform Checklist
39
Scales without interruptions From single appliance to multiple appliance deployment
On-the-fly additional storage capacity
Delivers High and Consistent Application Performance Parallel architecture ensures alert performance
Purpose-built for high-performance requirements
Minimizes Operational Costs Compressed data store
Easy to deploy appliance package
No DBA resources required
No agents required
RSA Envision:The Information Management Platform Checklist
40
EMC Corporation
At a Glance
Revenues (2007): >$12.7 billion*
Employees (end Q2 worldwide): >33,000
(end Q2 outside U.S.): >12,000
Countries: 85
R&D Investment (2007): ≈$1.4 billion**
Market Capitalization: (July 27) $39 billion
Cash and Investments: (end Q2) $5.9 billion
Founded: 1979*EMC’s expectations as stated in July 24, 2007 earnings news release; **based on annual run rate of Q2
Information-centric Security