Dark Reading is part of the Informa Tech Division of Informa PLC


Microsoft, RSA Partner To Integrate DLP, Identity Management

Broad adoption of data classification technology could be "game changer" for both DLP and Microsoft

In a move that analysts describe as "game changing" for data loss prevention (DLP) technology, Microsoft today announced plans to integrate RSA's DLP technology into its product line.

DLP, a technology that was practically unknown two years ago, has skyrocketed into enterprise security plans and road maps during the past 18 months. The technology -- which helps discover and apply security policies to sensitive data and content defined by the enterprise -- is rapidly becoming synonymous with the prevention of insider attacks and data leaks, a set of threats that is becoming increasingly serious as the economy declines. RSA, the security division of EMC, unveiled a set of products and strategies for implementing DLP across the enterprise in April. The strategy was immediately adopted by Cisco Systems, which has been integrating RSA's DLP technology in its product line since early spring.

Today, Microsoft also announced plans to adopt the RSA product line and strategy. "The resulting collaboration is designed to enable organizations to centrally define information security policy, automatically identify and classify sensitive data virtually anywhere in the infrastructure, and use a range of controls to protect data at the endpoints, network, and data center," the partners said.

The first move of the partnership in the near term: RSA's DLP Suite 6.5 will be engineered to integrate tightly with Microsoft Active Directory Rights Management Services (RMS) within Windows Server 2008. The integration will allow customers to automatically apply RMS-based information access and usage policies based on the sensitivity of information, the partners said. In addition, the integration of RSA's DLP data classification technology with Active Directory will help enable customers to efficiently implement DLP controls tied to employee identity or group membership, they said.

The integration of RSA's DLP technology with Microsoft's identity management technology is at the heart of the partnership, according to company officials and analysts, who were briefed on the announcement.

"What's exciting to me about this announcement is that we're bringing the worlds of identity management and security together," says Douglas Leland, general manager of Microsoft's Identity and Security Business Group, which was formed through a merger of the two formerly separate business groups five months ago.

The idea, Leland says, is to use DLP to discover and classify sensitive data, and then to use identity management to set policy as to who should be able to access it. Eventually, enterprises will be able to use RMS and Active Directory not only to define categories of users who are authorized to access specific servers or applications, but also which users are authorized to access the company's most sensitive data.

"This will put [enterprises] in a better position to keep control of their most sensitive data because the protection travels with the data," Leland says.

The integration may also help companies achieve regulatory compliance more swiftly, says Chris Young, senior vice president of products at RSA. "A lot of customers are telling us that they have too many point solutions, and that makes it difficult to prove compliance," he says. "In a lot of other cases, enterprises have implemented a lot of controls, but they don't have the proper context -- they are not content-aware or identity-aware. With this announcement, we're helping customers build policies that are data-centric, not infrastructure-centric."

The merger of identity management and DLP, combined with the broad support of an industry giant like Microsoft, is "game changing" for DLP, says Rich Mogull, founder and principal analyst at Securosis, a security consulting firm. But in order to merge the two technologies, enterprises will need to have well-defined policies for roles and groups, he says.

"If you don't have your identity management clearly defined by roles, the DLP part is not going to work as well as it should," Mogull says.

Andrew Braunberg, an IT security analyst at Current Analysis, says the addition of DLP classification technology to Microsoft's line could help propel the software giant to the forefront of the identity management market. "I suspect that this will feed nicely into the CardSpace/Geneva activities that Microsoft is working on for user-centric and claims-based identity and federation," he said. But Microsoft will first need to answer some questions about how the technologies will work together, such as how RMS encryption will be applied to DLP-discovered data, he said.

Mogull warned that it may take time for RSA's DLP classification technology to be fully integrated across the Microsoft product lines. "They have a very wide platform of products, and making this happen will require them to coordinate across product teams and get all the different groups to make this a priority," he observed. "But even if they could just get it into RMS, SQL Server, Exchange, and SharePoint, they'd have a big chunk of user environments covered."

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ...
