The Latest RSA News
Product and Solution Information, Press Releases, Announcements
| RSA Simplifies Use of Encryption With New Release of RSA® Key Manager Suite | |
| Posted: Mon May 18, 2009 03:37:00 PM | |
|
Upgrades from EMC’s Security Division Designed to Address the Customer Need for Consistent Key Policies and to Lower the Cost of Managing Encryption Data Tokenization from RSA Integrates and Extends Capabilities of RSA Key Manager Suite Bedford, MA— RSA, The Security Division of EMC (NYSE: EMC) today announced enhancements to RSA® Key Manager Suite (RKM), its enterprise encryption key management system designed to manage encryption keys at the application, database, and storage layer. With new integrations and server-side management features, RKM 2.5 can help lower the total cost of ownership associated with encryption by giving administrators strong control over the vaulting and management of keys from one central location. RSA Professional Services now also offers a new Tokenization Service that is engineered to extend RKM by enabling the use of tokens to mask and protect sensitive data. "Customers are continuing to deploy encryption in more places across their infrastructure to address different data security risks," said Tom Corn, vice president, Product Marketing, RSA, The Security Division of EMC. "As a result, they need enterprise key management systems like RKM to help reduce the management complexity and cost associated with point solutions. A centralized enterprise key management system allows them to adopt an encryption solution that works for them today and can expand to other encryption solutions in the future, without having to change their approach to key management." "Encryption is the ultimate control technology for meeting security standards and regulatory guidelines for information protection. However, encryption has been done in a stove piped manner. Encryption is most effective when part of a long-term data protection strategy," said Charles Kolodgy, research director, Secure Products, IDC. "Proper key management is the key to building a comprehensive data protection infrastructure out of the chaotic world of single purpose encryption applications. Products such as the RSA Key Manager provide an enforcement mechanism that will scale across and interoperate with all the different encryption technologies in the enterprise to make their encryption strategies more effective." Adding to Industry-Leading Interoperability with New Integration Partners RSA Key Manager is designed to simplify the ongoing operational headache associated with encryption by providing enterprise key management across multiple encryption points in the enterprise including tape/virtual tape, disk, databases, and applications. The latest offering includes direct integrations with two new technology partners, Brocade and Sun. These integrations are built with a direct communication between the key management server and the devices performing encryption, eliminating the need for unnecessary software layers: Data Center Fabric-based Encryption Solutions Data center storage switches and blades, offered through EMC Connectrix® technology and leveraging RSA® Key Manager technology, re-direct traffic from servers and applications to encryption services and to back-end storage. These solutions offer a scalable and innovative approach to fabric-wide encryption for data-at-rest within the data center. * Brocade® 32-port standalone encryption switch * Brocade 16-port encryption blade for DCX family Native Tape Encryption * Sun StorageTek LTO-4 Tape Drives These integrations build on RKM's industry-leading interoperability, which includes existing integrations with EMC PowerPath® path management software, EMC Connectrix SAN switches, Cisco MDS switches, the Advanced Security option for Oracle Database 11g Enterprise Edition, and Quantum and IBM LTO-4 tape drives. New Features Help Improve Security and Reduce the Time and Cost Associated With Encryption Encryption environments can often include many different application clients and devices performing cryptographic functions. Managing the permissions (i.e. the ability to encrypt, decrypt, generate keys, etc.) of these clients is often complex and time consuming, and can vastly increase the operational overhead associated with managing the encryption process. RKM 2.5 simplifies this as it is designed to allow granular control of permissions for each device or application in the system from a central location. This reduces overhead associated with multiple key management silos and gives greater control to administrators. Key managers are also responsible for maintaining audit activities to ensure compliance. Compliance rules require that companies maintain a log when keys are generated, rotated, or expired, and administrators often bare the burden of ensuring these functions are performed. RKM 2.5 is now engineered to capture and logs more detail on encryption operations, leading to easier and less costly audits. In addition, server-side searching, and meta-data editing increases usability and allow for keys to be tagged for easy retrieval, which comes in handy when a specific piece of information needs to be decrypted. RKM 2.5 is also designed to increase security by centralizing the vaulting and controlling of keys. Administrators can now rotate and delete keys centrally to ensure security requirements are met. This allows administrators to take action quickly if a key is compromised. RKM also includes a centralized key vault with automated replication and failover to ensure that keys are backed up and available at all times. RSA Key Manager helps reduce the complexity of managing encryption by enabling a centralized policy-based approach to key management, governing access to keys, sharing of keys, expiration of keys, shredding of keys, and all other aspects of key life cycle management. According to Tim Stanley, CISO at Continental Airlines, RKM has helped the company with its compliance initiatives. "Enterprise key management is an extremely important piece of any good security infrastructure," said Stanley. "RSA Key Manager provides us with centralized control of keys to ensure that encryption is handled properly and that keys are available over the long-term." New Tokenization Integration with RKM 2.5 RSA is also announcing the availability of Data Tokenization Services for RSA Key Manager, available now as a packaged offering from RSA Professional Services. For many applications, tokenization offers a strong alternative to encryption for the protection of sensitive data. Tokenization is designed to allow for data-masking without changing the underlying format of the data, and provides security without substantial operational changes to the application infrastructure. For example, credit cards stored in a database will maintain a sixteen digit field length but applications and users without access to the RKM token server would interact with the masked version of the data. This is a valuable feature for customers who need solid protection of sensitive data without significant operational complexity. Currently implemented with several large enterprise organizations, RSA Tokenization Services is engineered to integrate with RKM to provide encryption of sensitive data and centralized management of tokens. To purchase RSA's products visit http://www.TokenGuard.com |