The Latest RSA News
Product and Solution Information, Press Releases, Announcements

VMWorld^® 2010 – San Francisco, CA – today unveiled the RSA Solution for Cloud Security and Compliance for comprehensively managing security, risk and regulatory compliance of cloud infrastructures, helping increase customer confidence to virtualize business-critical applications.

“Security is a top concern organizations have about moving critical business applications to the cloud,” said Jon Oltsik, Principal Analyst at the Enterprise Strategy Group. “Even with all the benefits cloud computing provides, CIOs will continue to be wary until there is a way to manage security and compliance with the same level of assurance that is available today with physical data center environments. With today’s announcement, EMC has made an important first step in addressing this fundamental concern with security in today’s growing virtualized and cloud infrastructures.”

Featuring an easy to use dashboard based on the RSA® Archer™ eGRC platform, the solution is designed to give organizations a complete assessment of security and compliance posture across their VMware virtual infrastructure. This allows customers to centrally manage security across both virtual and physical infrastructures using RSA Archer. The dashboard integrates with a library of more than 100 VMware-specific controls such as administrative authentication, that map to the most current global regulations such as PCI-DSS and HIPAA to ensure best practices for deployment. The solution also integrates with the RSA® enVision security information and event management platform to provide a more comprehensive assessment of security events from across the enterprise.

“Demonstrating compliance on virtualized platforms has been a labor-intensive and highly complex process, particularly as many of our customers require FISMA compliance,” said Chris Day, Chief Security Architect, Terremark Worldwide, a leading global provider of managed IT infrastructure services. “We’ve given input throughout the design of the RSA solution and fully support their shared vision with partners VMware and Intel. Using the RSA Solution for Cloud Security and Compliance will enhance our ability to assess the security of the virtual infrastructure and help the customers that choose Terremark for their cloud infrastructure respond to compliance audits.”

RSA Solution for Cloud Security and Compliance

The RSA Solution for Cloud Security and Compliance helps enable organizations to rationalize a multitude of compliance requirements, control frameworks, standards and best practices into a set of centralized security policies that can be applied to virtual infrastructure. Simple dashboards are designed to make it easy to visualize security and compliance posture. Through automated assessments and simple workflows, the solution helps streamline the process of managing tasks between security teams that define policies and IT operations teams responsible for implementing those policies

Capabilities delivered as part of the RSA solution include:

• Dashboard views based on the RSA Archer eGRC platform designed to enable fast and accurate assessment of security and compliance posture across physical and VMware virtual infrastructure.
• Top-Down Visibility for Control and Compliance: The RSA solution includes a comprehensive, centralized library and ready reference of security controls within the RSA Archer platform. This library has been expanded to cover more than 100 VMware-specific controls that map the most current, global regulations such as PCI-DSS and HIPAA. New software available with RSA Archer automates the measurement of several VMware configuration elements to simplify the task of measuring compliance. RSA enVision is being enhanced to add further intelligence to the RSA Archer platform by updating the compliance assessments with security-relevant events. RSA enVision collects security events from an ecosystem of products including the RSA® Data Loss Prevention suite, VMware vShield, VMware vCloud™ Director, VMware vCenter™ Configuration Manager, EMC® Ionix®, and HyTrust® appliance to enrich the compliance reports provided by the RSA Archer platform.
• Process Automation for Managing Remediation of Security Policies: The RSA Solution for Cloud Security and Compliance leverages automated workflow and notification processes in RSA Archer to simplify the tasks of remediating security issues.