informa
News

EMC's Long Road to Security

Chief development officer Mark Lewis sees security slowly taking pervasive role

The security features EMC began integrating into its Symmetrix systems this week represent the first step in a long process that will likely take years. Eventually, though, security will permeate all of EMC's storage products.

That's the word from Mark Lewis, EMC's chief development officer. Of all the acquired technologies EMC is integrating into its core products, security features from RSA and Network Intelligence are near -- if not at -- the top of the list. (See EMC Pockets Network Intelligence and EMC Secures RSA for $2.1B.) But Lewis says the process will take far longer than it took for security to become such a high customer priority.

"The data security market is a market that a couple of years ago customers weren’t talking about, and all of a sudden it became top of mind," Lewis told Byte and Switch . "It went from ‘I don’t care' to 'This is my No. 1 priority’ overnight."

The integration certainly won't happen overnight, though. EMC began this week at the RSA Conference in San Francisco by announcing Symmetrix Service Credential, an RSA technology for authorizing users. (See EMC Kicks Off With Security and So Long, Security Silos .) EMC also added audit logs for tracking management activities and enhanced its disk erasure technology. But there are still a lot more RSA features waiting to be integrated.

"It's going to roll out over time," Lewis says. "You'll see this quarter on out, products adopting more security capabilities. We’ll have common security platform pieces for sign on, authentication, authorization, embedding, encryption, and -- more importantly -- global key management. It’s something that will roll out in quarters and it will literally be years before you look at ubiquity for encryption in every device and every disk drive and every element."

Along with building RSA security into Symmetrix, EMC is working with encryption vendors Decru -- part of Network Appliance -- and NeoScale on developing common standards for encryption. (See NeoScale Teams With RSA and Decru, RSA Partner.

Lewis says key management will drive encryption adoption.

"Ultimately, you’ll be able to have encryption in every device that's information related," he says. "You will have to encrypt everything from cellphones to thin clients. We're focusing our efforts on how you manage encryption keys -- appliance-based encryption, host-based encryption -- the secret is putting key management out there. You can create a lot of chaos if you don’t have key management set up."

As for a timeframe, Lewis says it's more important to get the integration done right than to get it done fast.

"Since we started out buying companies, rule No. 1 has been to take our time and make sure we understood the value proposition of what we bought," he says. "That's the ‘Don’t break what you bought’ rule."

Watch for the full interview with Lewis in an upcoming article on Byte and Switch. this week.

— Dave Raffo, News Editor, Byte and Switch

  • Decru Inc.
  • EMC Corp. (NYSE: EMC)
  • NeoScale Systems Inc.
  • Network Appliance Inc. (Nasdaq: NTAP)
  • RSA Security Inc. (Nasdaq: EMC)
  • Recommended Reading: