
RSA, the Security Division of EMC, Delivers Standards-Based Approach to Help Simplify Compliance - May 6, 2008

Orlando, Florida -- RSA, The Security Division of EMC, today announced the findings of a new research paper that details the benefits organizations may gain -- including reduced costs and improved security -- by implementing a standards-based framework of security controls. The paper also details the ability of comprehensive security frameworks to help companies more easily comply with a variety of security requirements handed down by regulatory bodies, industry groups, partners, customers and internal policies.

In addition, RSA announced new reports within the RSA enVision(R) security information and event management solution that are designed to enable organizations to more easily report on key aspects of the ISO 27002 standard -- a global code of practice for information security management which is useful in defining an effective set of best practice security controls as part of a compliance framework.


In March 2008, RSA commissioned Michael Rasmussen, industry analyst and President of Corporate Integrity, to undertake a research paper based on what it means to develop a "sustainable and cost-effective IT compliance program." The key findings of this project are that the typical approach to compliance -- responding on a regulation-by-regulation basis without an integrated IT compliance management program -- escalates costs, reduces visibility of the control environment overall, wastes resources, and leads to unnecessary complexity, inflexibility, vulnerability and exposure.


"A proactive approach to IT compliance allows organizations to look confidently to the future while also mitigating risk in the course of business," said Mr. Rasmussen. "An effective IT compliance program should be centered on a comprehensive framework, based on industry-wide standards -- such as ISO 27002."


Security Frameworks-Based Programs to Simplify IT Compliance


As organizations worldwide struggle to both comply with a plethora of compliance requirements and improve enterprise-wide security, a framework-based approach founded upon best practices and controls helps customers to build a proactive security program that may effectively break down the walls that often isolate organizational compliance silos. By driving compliance holistically, rather than on a requirement-by-requirement basis, companies may reduce costs by both avoiding redundant technology controls and easing the process of managing compliance. In addition, leveraging international standards such as ISO 27002 as the foundation of an IT security and compliance program helps organizations align efforts to comply with key portions of many global regulations, including the Payment Card Industry (PCI) Data Security Standard (DSS), HIPAA, Sarbanes-Oxley, the European Union's Data Protection requirements and regional data privacy laws.


"Our forward-thinking customers are using framework-based security and compliance programs to cost-effectively satisfy multiple requirements and manage information risk," said Steven Preston, Senior Director, Solutions Marketing at RSA, The Security Division of EMC. "This goal can be achieved through the application of a consistent, holistic set of repeatable, scalable, enterprise-wide controls, which are centered upon recognized IT security best practices."


RSA Solutions to Establish Security Frameworks for Simplified Compliance


RSA's portfolio of technology solutions offers key security controls that help organizations establish frameworks based upon global best practices and standards. Key controls delivered by RSA's solutions include:


New Reporting Capabilities Within the RSA enVision Platform for ISO 27002-based Security and Compliance Programs


The RSA enVision platform is designed to offer a comprehensive suite of out-of-the-box reports, which help enable organizations to effectively monitor their ISO 27002-based security and compliance program. These reports are prepared to align directly with the ISO 27002 standard, and help enable organizations to effectively demonstrate compliance with critical areas of the specification. Reports within the RSA enVision platform related to ISO 27002 focus on areas such as computer account logon activity, computer account status, control of collected evidence, control of human resources data, malicious software activity, password changes and expirations, and source code access.


Information Security Services to Support Framework-Based Compliance Initiatives


In addition to delivering a broad range of security controls, various EMC information-centric security consulting services -- leveraging solutions from RSA -- help enable organizations to effectively enact framework-based compliance programs.


For more information please call (407) 265-6293 or visit us at: http://www.sencilo.com/security-web-application-controllers.php


About Us


Sencilo Solutions is a Florida-based integrator specializing in storage, security and networking solutions. Sencilo delivers a comprehensive portfolio of products from best-of-breed hardware and software from multiple manufacturers including VMware, EMC, NetApp, Juniper Networks, Hitachi, Symantec, Barracuda Networks, and HP. Its technical expertise is known throughout the storage and security industry. Clients include leading corporations, major financial institutions, top universities, government facilities, as well as small to medium size businesses. Sencilo's professional services include consulting, integration, project management, installation, maintenance and knowledge transfer.


Sencilo has offices throughout Florida including: Jacksonville, Miami, Tampa, St. Petersburg, Orlando, Hialeah, Fort Lauderdale, Tallahassee, Cape Coral, and Pembroke Pines.





