Microsoft, RSA Partner to Develop Next-Gen Data Loss Prevention
By Lawrence Walsh | Posted 2008-12-04
The alliance between Microsoft and RSA will move data loss prevention technology into the fabric of the IT infrastructure and improve protection by associating data with identities and classifications. Analysts are already calling the idea a "game changer."
In unveiling a new technology sharing and development alliance, Microsoft and RSA—the security division of storage giant EMC—took the first step toward creating the next generation of data loss prevention technology, in which the protection of sensitive digital assets will eventually reside in the fabric of the IT infrastructure.
Microsoft will integrate RSA’s data loss prevention technology with its Rights Management Service—a component of Windows Server 2003 and 2008—and identity management technologies and platforms, primarily Active Directory.
The basic idea behind the Microsoft-RSA DLP strategy is moving data security from a series of point products that protect specific types of information on specific platforms to a ubiquitous risk mitigation strategy that’s transparent to end users. The alliance could result in a new class of DLP technologies for solution providers to provide business-technology consumers as a feature set in Microsoft’s vast software portfolio or as value-added security layers through RSA’s product portfolio.
"By building all of these technologies into the infrastructure, we’re offering our customers a built-in solution and not a bolt-on solution," says Tom Corn, vice president of product management and marketing at RSA’s Data Security Group. "As part of that natural cycle of helping [end users] use their infrastructure better, we’re integrating the technology into the infrastructure."
DLP emerged over the last couple of years to guard against the accidental and intentional disclosure of information in common identity theft cases, such as Social Security and credit card numbers. Business-technology consumers have adopted DLP as a means to curb identity thefts as well as meet regulatory compliance under laws such as the Health Insurance Portability and Privacy Act, Gramm-Leach-Bliley Act (banking) and Sarbanes-Oxley Act.
To counter the risk of data loss and provide tools for regulatory compliance, security vendors have raced to develop DLP products. Companies such as Vontu, PortAuthority, IronPort and PointSec produced the initial offerings. Through acquisitions and internal development, vendors such as Websense, Symantec, Trend Micro, McAfee and Cisco Systems have built the leading DLP applications.
Most of the existing DLP applications act in similar fashion to anti-virus technology, in that they scan traffic for patterns indicative of sensitive data. They often track data sets such as credit card and Social Security numbers, easily identifiable database fields, telephone numbers, addresses and financial figures.
While none of the existing technologies are foolproof, SecurityCurve analyst Diana Kelley says current DLP products provide at least some level of protection. However, she says the Microsoft-RSA alliance could change the DLP paradigm both in how it is implemented in the infrastructure and by basing data classification and inspection on identity.
"Security needs to be identity-centric to keep information from leaking," says JG Chirapurath, director of Identity and Security at Microsoft.
Conceptually, the integration of RSA DLP technology with Microsoft applications and identity management tools will enable users to locate data wherever it resides or moves in the IT infrastructure. And it will classify and protect data transparently to the users.
The Microsoft-RSA vision for evolving the technology calls for classifying data by its content type, such as health care and finance. That’s a significant difference from conventional DLP approaches, Kelley says, since it can then create an identity for the data that is, in theory, easier to monitor and control.
Corn explained that this methodology will enable businesses to associate the data with users, location, use of the information and how the data is being handled.
"When you look at this problem and look at how customers are looking for the solution, it’s one of the most important improvements in this technology landscape," says Chirapurath.
Eventually, this DLP technology will become ubiquitous throughout the Microsoft software universe. After integration with Windows Server’s RMS, other data-intensive applications that could soon get the technology include Exchange (e-mail) and SharePoint (collaboration).
Additionally, RSA will be creating other DLP technologies and products that are built upon the Microsoft platform but address broader infrastructure needs. "The notion of having something that answers the realities of the heterogeneous worlds, it gives us the ability to solve those problems, too," Corn said.
For now, though, the alliance’s first product is getting RSA’s DLP engine talking with Microsoft’s Rights Management Service. While a limited implementation, Kelley says it’s the most logical and right step to take.