RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA

Transcription

1 RSA, The Security Division of EMC Zamanta Anguiano Sales Manager RSA

2 The Age of the Hyperextended Enterprise BUSINESS ISSUES IMPACT Innovation Collaboration Exploding Information Supply Chain Customer Services Hyperextended Enterprise Expanding Identities Evolving Infrastructure IT Consumerization Virtualization and Cloud Computing Complex Risk, Security and Compliance Environment Increasing Regulations 2

3 Traditional Approach Team Team Team Policy Point Tool Policy Point Tool Policy Point Tool Network Endpoint Applications Siloed Inflexible Inconsistent Costly 3

4 Our Customers Are Asking Themselves Am I secure? Am I compliant? Where do I have gaps? How do I prioritize? 4

5 Our Customers Are Asking Themselves Can I do this affordably? Am I aligned to the business? 5

6 Meeting our Customers Challenges Manage Risk and Threats Throughout Enterprise Prove Compliance Consistently & Affordably Secure Access for Increased Mobility & Collaboration Secure Virtualization & Cloud Computing 6 How?

7 Managing Risk and Threats No clear visibility to threats and exposures Inability to adequately address exposures Slow to respond 7

8 What We ve Heard Risk and Threat Management CHALLENGE Siloed view of risk Security measures don t address internal and external threats Don t have a good handle on vulnerabilities Can t respond quickly enough to incidents Difficult to prioritize threats and incidents Single dashboard for managing risk Regular feed of current and relevant threat information Gap analyses and security assessments Ability to discover, monitor and protect sensitive data as it travels Automated incident and threat management process integrated with embedded detection tools and controls Easy-to-use tools for dashboarding compliance, reporting, forensics analysis REQUIREMENT SOLUTION Comprehensive view of external threats, sensitive data and use of corporate infrastructure 8 MENU

9 What We ve Heard Fraud Management CHALLENGE Difficult to balance tradeoff between strong security and user experience Can t keep pace with cybercriminal innovation and tactics Unaware of the money, credentials, assets identities that my business is losing Prevented from offering new services/products due to lack of controls Accurate, real-time fraud/threat detection with minimal impact to user experience 24 x 7 x 365 dedicated anti-fraud cybercrime operation Ability to share cybercrime across thousands of networked organizations Knowledge and prevention of fraud losses Layered defense strategy to safely offer new products and services REQUIREMENT SOLUTION Cybercrime defense strategy to prevent unauthorized use and/or acquisition of critical information 9 MENU

10 Prove Compliance Consistently and Affordably Difficult to keep track of changing regulations Time consuming manual processes Unclear view of compliance posture 10

11 What We ve Heard Prove Compliance Consistently and Affordably CHALLENGE Can t keep up with changing regulations Wasting time and money with inefficient, manual processes Not sure if we re non- compliant No way to communicate compliance posture throughout the organization Centralized policy system powered by content from a community of experts Automated compliance process integrated with well-defined controls and reporting Streamlined, repeatable system Ability to discover, monitor and protect sensitive information Real-time alerting Flexible dashboards and reports for compliance Tailored dashboards to get the right information to the right people when they need it REQUIREMENT SOLUTION Easier audits, minimized exposure, improved focus on adding value to business 11 MENU

12 Secure Access for Increased Mobility and Collaboration Lack of confidence in secure access Struggle with onesize-fits-all security Security impeding new business initiatives 12

13 What We ve Heard Secure Access for Increased Mobility and Collaboration CHALLENGE Unclear who is remotely accessing our systems and what they are doing inside the network Users bypass cumbersome security mechanisms -- putting corporate resources at risk Not prepared to address attacks against our organization Security is impeding new business initiatives such as VDI and outsourcing Confidence that only legitimate users are accessing your information Ability to monitor all user activity on the network Range of authentication mechanisms for various applications and profiles Single sign-on capabilities for reduced costs and increased user satisfaction Global threat detection and takedown Corporate identities, credentials and systems recovery Strong authentication for workforce, partners customers Flexibility to enforce policies and controls by user, document, site or transaction REQUIREMENT SOLUTION Enable collaboration between employees, partners and outsourcers without compromising security 13 MENU

14 Securing Virtualization and Cloud Security is impeding adoption Proceeding without security policies and processes Lack of visibility and control 14

15 What We ve Heard Virtual Desktop Security CHALLENGE Slow VDI rollout due to security concerns; Increasing costs and risks Lack of control over information on 3rd party desktops and employee laptops Need to protect access to VDI Visibility into security events and compliance across VDI Expertise and best practices for secure Virtualization; EMC, VMware and RSA Identify and protect sensitive information in use on virtual desktops Two factor authentication for user and administrator access Monitor security events across VDI to integrate into existing security operations and compliance reporting REQUIREMENT SOLUTION Realize business benefits of virtualizing desktops without compromising security 15 MENU

16 What We ve Heard Virtual Business Applications Security CHALLENGE Need to better understand security and compliance risks in virtualized environment Lack the visibility and controls in a virtualized environment that we have in physical IT environment Our virtual servers are less secure than the physical servers they replace Expertise and best practices for secure virtualization EMC, VMWare, RSA Enforce a single data security policy -- physical and virtual Collect and correlate security and compliance events physical and virtual Enforce secure access for privileged users Integrated solution to secure the virtual infrastructure, access to it, and information within it REQUIREMENT SOLUTION Realize the benefits of virtualization for mission critical applications without compromises on the security front MENU

17 How We Do It System for Managing Security, Risk and Compliance BUSINESS DRIVERS Manage Governance, Risk + Compliance Define Policy Assess Risk and Report Monitor Audit Report Correlate Map to Controls Add Context Collect IDENTITIES INFRASTRUCTURE INFORMATION Manage Monitor Detect Enforce MENU

18 RSA Archer egrc Suite 18

19 MAAGTIC 19

20 Why our Customers Choose RSA Industry Leadership & Market- Leading Products and Services Authentication, Data Loss Prevention, egrc, SIEM, Web Fraud Protection Built-in Versus Bolted-on Security Embedding controls directly into the infrastructure Integrated Approach to Managing Security, Risk and Compliance Connecting governance, evidence and controls RSA Community Security and egrc experts collaborating on challenges and trends Out-of-the-Box Expertise about regulations, threats and best practices, built by teams of experts EMC Connection Investing in our customers success 20 MENU

21 Thank you!