Ties internal DLP to external threats
Users trying to send out sensitive data in emails will be warned they are in danger of contravening security policy with latest data leakage protection (DLP) system from EMC Corp’s security division RSA.
Data at rest can now be moved or quarantined automatically and end users can apply self-remediation for sensitive emails quarantined due to violations, the company said of the feature added to the RSA DLP 7.0 data protection tool.
The system is engineered to generate and send violation reports automatically to the appropriate IT security or human resources personnel.
The DLP system can be tied into the company’s enVsion security information and event management console so that security administrators can start to assess internal threats in the same way as they manage potential security failings caused by actions that stem outside the enterprise wall.
EnVision came to EMC through the acquisition of a company called Network Intelligence in 2006, and started out as an appliance dedicated to the collection and analysis of event data from disparate devices in the enterprise infrastructure.
Envision uses the logs of infrastructure devices as the source of its data, integrating this into a common database while storing it without compromising the integrity of its source format. The added value from Envision arises from its taxonomy of the log information from the various technology types, which delivers insight into the unstructured log information.
RSA refocuses this technical data on real business needs, as an aid for compliance, support of forensics, and the formulation of threat responses.
Bringing internal threats of data leakage to the security event console is a step that should considerable streamline security operations and bolster defences. Educating users on what potential actions are deemed to breach the security policy should also mean better enforcement.
RSA said it had primed the new system with “one of the most comprehensive DLP policy and classification libraries in the industry.”
Of 22 new policies included as templates are those needed to support North American Electric Reliability Corp (NERC) compliance, along with additional coverage for policies that help protect personally identifiable data in Australia, Italy, Netherlands, Spain, Sweden, and New Zealand.
The software can also be used to pinpoint the location of sensitive data types and sources. “Organisations will now be able to discover structured content in Oracle and SQL Server databases” the company said.
Overall, the RSA DLP 7.0 suite is engineered with more than 68 enhancements in the areas of policy management and classification, remediation, database scanning, reporting and administration. It starts at $50,000.