The company has introduced four new services from its RSA Security Practice, including one that comes out of its recent acquisition of Archer Technologies. The consulting services will combine EMC's enterprise IT expertise with the security background of its RSA division to help customers secure their data based on business policies. EMC acquired Archer, a privately held governance, risk and compliance vendor, in January for an undisclosed sum.
The number of data security breaches now hitting enterprises indicates their internal systems can't keep up with new threats, said IDC analyst Vivian Tero. “When one takes into account the adoption of new technologies like cloud computing and virtualization, the security and risk management challenge becomes even more complex,” she wrote in an e-mail interview.
With their data spread across virtualized data centers and cloud computing environments, organizations have to know more about how the virtual infrastructure is configured to know where bits of data might be, Tero wrote. And administrators need to understand that quickly instead of waiting for an audit to identify potential weaknesses. Doing that by manually analyzing information from multiple point applications is too hard, so EMC wants to help them automate some of that management, she wrote.
The services EMC is introducing on Monday span a wide range of security-related requirements.
Its Standards and Compliance service, based on Archer's technology, works along with existing approaches to “translate business objectives into policies and information risk strategies,” according to EMC. That, in turn, can help customers meet corporate governance and regulatory compliance requirements. The Virtualization and Private Cloud Security service is designed to assess the security of virtualized environments and help secure virtual desktops and private clouds.
With the new Fraud Assessment and Strategy service, EMC will provide recommendations for addressing and mitigating risk. A new Security Operations service is designed to help enterprises build an integrated security operations center.
First Data, a payment processing company, on Monday will announce it is expanding its test of a card-information security system that it says it developed with the help of the RSA Security Practice. The TransArmor system, formerly called First Data Secure Transaction Management, takes shoppers' credit card numbers out of merchants' point-of-sale systems as soon as the transaction takes place, said Craig Tieken, vice president of merchant product management at First Data. TransArmor encrypts the card data for transmission to credit card companies and card-issuing banks for approval. It gives the merchant a token in place of the sensitive data so the store doesn't have to worry about securing their customers' information.
Starting out on the project about a year ago, First Data looked for security consultants to help develop it and scale it up, and found EMC, Tieken said. TransArmor uses RSA encryption technology. On Monday, First Data's test of TransArmor is expanding from just a few customers to more than 400. It should be generally available to merchants by the middle of this year, Tieken said.