RSA Upgrades DLP Suite Capabilities

RSA, EMC’s security arm, has enhanced its Data Loss Prevention Suite with more than 70 new features for scanning, workflow, reporting, and global content processing. Version 8.0 of the RSA DLP Suite provides better protection to sensitive information by offering better visibility into high areas of risk, and helping improve the efficiency and cost-effectiveness of ongoing security operations.

There are three key messages to the new release, says RSA senior product manager, Mike Song: secure collaboration, simpler security operations to get a holistic view of data, and an expanded policy library. “We’ve dramatically added new discovery and classification capabilities… automated reports… (and) involved the data owners in the process.”

The suite is ultimately about reducing risk over time, says Song, and the new release enables RSA to continue to surpass its competitors. And with new language capabilities and policy support, there are new opportunities for the channel, especially for those working with the federal government.

“This really helps channel partners with an easier way to provide data loss prevention to their customers and manage it, to have the tools and be able to go in and do an assessment and calculate the total cost of ownership.”

Song says the economy may have taken a hit, but that has helped the need for protecting data. “As companies lay people off and shed employees, that accelerates the need for DLP. With 8.0 we’re increasing the depth and breadth of coverage… and increasing manageability.”

The suite has been expanded to discover and remediate more data types, including native scanning of Microsoft SharePoint and IBM Lotus Notes, and can also scan and fingerprint IBM DB2 databases, allowing much more data to be discovered and protected. In addition to new languages — Chinese, Japanese and Korean – 8.0 now offers offline endpoint protection for Web and Instant Messaging traffic, allowing organizations to protect data even when employees bring laptops home and work remotely without directly connecting through the corporate network.

New features include the ability to generate trend and summary reports according to department, incident type, severity and status, and then automatically send those reports to the appropriate personnel. “At the push of a button a CFO can get all of incidents and violations in his domain and can start to take immediate action,” says Song.

By integrating the suite with the RSA enVision platform and technology from newly-acquired Archer Technologies, DLP can play a critical role in a closed-loop system that discovers data, classifies it, and maps to organizations’ overall security policies. And new policy and classification content includes support for Federal Energy Regulatory Commission (FERC), Passenger Name Records (PNR), State level credentials, as well as additional HIPAA, banking, and credit card content.

According to Gartner, DLP is still immature, and still a work in progress. In a report by IDG News Service, Gartner security analyst Paul Proctor said vendors are pushing immature products with poorly defined architectures and policies that are ultimately ineffective in organizations that aren’t prepared to use them.

Song seems to agree, implying it is more a journey than a destination. “We’re really doing this as part of a DLP ecosystem,” he says. “No DLP is an island.”