Microsoft, RSA Partner To Integrate DLP, Identity Management

Broad adoption of data classification technology could be "game changer" for both DLP and Microsoft

In a move that analysts describe as "game changing" for data loss prevention (DLP) technology, Microsoft today announced plans to integrate RSA's DLP technology into its product line.

DLP, a technology that was practically unknown two years ago, has skyrocketed into enterprise security plans and road maps during the past 18 months. The technology -- which helps discover and apply security policies to sensitive data and content defined by the enterprise -- is rapidly becoming synonymous with the prevention of insider attacks and data leaks, a set of threats that is becoming increasingly serious as the economy declines. RSA, the security division of EMC, unveiled a set of products and strategies for implementing DLP across the enterprise in April. The strategy was immediately adopted by Cisco Systems, which has been integrating RSA's DLP technology in its product line since early spring.

Today, Microsoft also announced plans to adopt the RSA product line and strategy. "The resulting collaboration is designed to enable organizations to centrally define information security policy, automatically identify and classify sensitive data virtually anywhere in the infrastructure, and use a range of controls to protect data at the endpoints, network, and data center," the partners said.

The first move of the partnership in the near term: RSA's DLP Suite 6.5 will be engineered to integrate tightly with Microsoft Active Directory Rights Management Services (RMS) within Windows Server 2008. The integration will allow customers to automatically apply RMS-based information access and usage policies based on the sensitivity of information, the partners said. In addition, the integration of RSA's DLP data classification technology with Active Directory will help enable customers to efficiently implement DLP controls tied to employee identity or group membership, they said.

The integration of RSA's DLP technology with Microsoft's identity management technology is at the heart of the partnership, according to company officials and analysts, who were briefed on the announcement.

"What's exciting to me about this announcement is that we're bringing the worlds of identity management and security together," says Douglas Leland, general manager of Microsoft's Identity and Security Business Group, which was formed through a merger of the two formerly separate business groups five months ago.

The idea, Leland says, is to use DLP to discover and classify sensitive data, and then to use identity management to set policy as to who should be able to access it. Eventually, enterprises will be able to use RMS and Active Directory not only to define categories of users who are authorized to access specific servers or applications, but also which users are authorized to access the company's most sensitive data.

"This will put [enterprises] in a better position to keep control of their most sensitive data because the protection travels with the data," Leland says.

The integration may also help companies achieve regulatory compliance more swiftly, says Chris Young, senior vice president of products at RSA. "A lot of customers are telling us that they have too many point solutions, and that makes it difficult to prove compliance," he says. "In a lot of other cases, enterprises have implemented a lot of controls, but they don't have the proper context -- they are not content-aware or identity-aware. With this announcement, we're helping customers build policies that are data-centric, not infrastructure-centric."

The merger of identity management and DLP, combined with the broad support of an industry giant like Microsoft, is "game changing" for DLP, says Rich Mogull, founder and principal analyst at Securosis, a security consulting firm. But in order to merge the two technologies, enterprises will need to have well-defined policies for roles and groups, he says.

"If you don't have your identity management clearly defined by roles, the DLP part is not going to work as well as it should," Mogull says.

Andrew Braunberg, an IT security analyst at Current Analysis, says the addition of DLP classification technology to Microsoft's line could help propel the software giant to the forefront of the identity management market. "I suspect that this will feed nicely into the CardSpace/Geneva activities that Microsoft is working on for user-centric and claims-based identity and federation," he said. But Microsoft will first need to answer some questions about how the technologies will work together, such as how RMS encryption will be applied to DLP-discovered data, he said.

Mogull warned that it may take time for RSA's DLP classification technology to be fully integrated across the Microsoft product lines. "They have a very wide platform of products, and making this happen will require them to coordinate across product teams and get all the different groups to make this a priority," he observed. "But even if they could just get it into RMS, SQL Server, Exchange, and SharePoint, they'd have a big chunk of user environments covered."

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ...
