Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:13 PM
Dark Reading
Dark Reading
Products and Releases

CA Rolls Out Enhanced DLP, ID Management Products

Aannouncement includes new capabilities in CA DLP and CA Identity Manager for the distributed environment, and new releases of CA ACF2 and CA Top Secret for the mainframe platform

ISLANDIA, N.Y., Nov. 10, 2010 – CA Technologies (NASDAQ:CA) today announced the availability of new releases and enhancements to CA DLP, CA Identity Manager, CA ACF2™ and CA Top Secret' that help fulfill the company’s vision for Content-Aware Identity and Access management (IAM). Content-Aware IAM is the next-generation approach to IAM that helps improve information security, reduce risk and meet compliance mandates. Traditional IAM stops at the point of access; it doesn’t control how the information that is accessed is used. Content-Aware IAM goes a step further to not only help control identities and their access, but also what they can do with the information. This innovative approach helps enterprises protect their critical information from inappropriate use or disclosure.

Today’s announcement includes the availability of new capabilities in CA DLP and CA Identity Manager for the distributed environment, and new releases of CA ACF2 and CA Top Secret for the mainframe platform. These products help link identities and roles to information use policies, so that critical data can be protected based on the role of each user. Content-Aware IAM enables organizations to:

* Reduce administrative effort and cost through the automated provisioning of information use policies to users. * Improve security by removing data permissions immediately (for example, to view sensitive corporate information) upon termination or transfer of an employee. * Ease compliance with regulations by detecting and correcting attempted violations of information use policies based on identity. * Reduce effort and cost associated with compliance audits with easier reporting.

CA Security Enhancements for Content-Aware IAM

* CA DLP: The second major release of CA DLP in a year, CA DLP 12.5 delivers direct CA Identity Manager integration as well as enhanced detection techniques and policy-driven data encryption. o Content registration detection technique - Scans files and creates a digital “fingerprint” to identify sensitive content as it travels within or exits an organization. o CA Identity Manager integration – Uses identity attributes in data policy and influences information use (see CA Identity Manager below). o Policy driven data encryption for data in use - Initiates the encryption of emails, including attachments and files sent to removable devices, via integration with native and third-party encryption technologies. o Role-based event review – Delivers policy and role-based delegation that helps control visibility to events and enable segregation of duties in environments where CA DLP is deployed for multiple disciplines. For example, IT Security, Legal, Compliance, or HR could all deploy their own data policies and review infractions in isolation, protecting confidentiality and privacy.

According to the October 2010 report by Forrester Research Inc, “The Forrester Wave™: Data Leak Prevention Suites, Q4 2010,” “CA Technologies dramatic product enhancements have enabled it to considerably grow its DLP sales to emerge as a Leader.” The report goes on to say, “Perhaps as a result of all the improvements in the newest version of the product, CA’s DLP suite sales are growing faster than any other vendor’s, and a best-in-class 60 percent of its customers have already upgraded.”

CA Identity Manager: Improved integration and automation with CA DLP allows CA Identity Manager to directly provision, de-provision, and modify users in the CA DLP hierarchy. As users’ roles change, those changes are passed into CA DLP, which allows their data-use entitlements to also automatically change.

CA ACF2 and CA Top Secret for z/OS: Supports Content-Aware IAM in the mainframe environment with new data classification capabilities that help satisfy regulatory needs to control data use. The new releases of CA ACF2 and CA Top Secret for z/OS can be used to help classify data and ownership according to legal and government regulations. This allows the assignment of specific data classifications to critical resources for purposes of access policy refinement and reporting. Other security and administrative enhancements in these mainframe products include: reporting, certificate management, role-based security, operating system support, and protection of assets.

“Whether you are operating in the distributed world or in a mainframe environment, in order to secure information, comply with regulations and reduce risk, you need to control users, their access and what they can do with the information they access,” said Lina Liberti, vice president, Security, CA Technologies. “We see Content-Aware IAM advancing even further as we share intelligence across our entire IAM portfolio to improve the quality of access decisions and help strengthen an organization’s information security posture.”

Additional technologies that play a role in CA Technologies approach to Content-Aware IAM include CA Role & Compliance Manager, CA SiteMinder', CA Access Control, and identity-based user activity and compliance reporting.

To learn more about Content-Aware Identity and Access Management solutions from CA Technologies, visit:

* On the Web: http://www.ca.com/us/it-security-solutions.aspx and http://www.ca.com/us/mainframe-security.aspx * Security Management Blog: http://community.ca.com/blogs/iam/default.aspx * On Twitter: http://twitter.com/CASecurity

About CA Technologies

CA Technologies (NASDAQ: CA) is an IT management software and solutions company with expertise across all IT environments – from mainframe and distributed, to virtual and cloud. CA Technologies manages and secures IT environments and enables customers to deliver more flexible IT services. CA Technologies innovative products and services provide the insight and control essential for IT organizations to power business agility. The majority of the Global Fortune 500 relies on CA Technologies to manage evolving IT ecosystems. For additional information, visit CA Technologies at www.ca.com.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-10-26
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related command...
PUBLISHED: 2020-10-26
This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
PUBLISHED: 2020-10-26
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
PUBLISHED: 2020-10-26
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the ur...
PUBLISHED: 2020-10-26
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software* U...