PR Newswire

RSA, the Security Division of EMC, Delivers Standards-Based Approach to Help Simplify Compliance
BEDFORD, Mass., May 6 -- RSA, The Security Division of EMC
In addition, RSA announced new reports within the RSA enVision(R) security information and event management solution that are designed to enable organizations to more easily report on key aspects of the ISO 27002 standard -- a global code of practice for information security management which is useful in defining an effective set of best practice security controls as part of a compliance framework.
In March 2008, RSA commissioned Michael Rasmussen, industry analyst and President of Corporate Integrity, to undertake a research paper based on what it means to develop a "sustainable and cost-effective IT compliance program." The key findings of this project are that the typical approach to compliance -- responding on a regulation-by-regulation basis without an integrated IT compliance management program -- escalates costs, reduces visibility of the control environment overall, wastes resources, and leads to unnecessary complexity, inflexibility, vulnerability and exposure.
"A proactive approach to IT compliance allows organizations to look confidently to the future while also mitigating risk in the course of business," said Mr. Rasmussen. "An effective IT compliance program should be centered on a comprehensive framework, based on industry-wide standards -- such as ISO 27002."
Security Frameworks-Based Programs to Simplify IT Compliance
As organizations worldwide struggle to both comply with a plethora of compliance requirements and improve enterprise-wide security, a framework-based approach founded upon best practices and controls helps customers to build a proactive security program that may effectively break down the walls that often isolate organizational compliance silos. By driving compliance holistically, rather than on a requirement-by-requirement basis, companies may reduce costs by both avoiding redundant technology controls and easing the process of managing compliance. In addition, leveraging international standards such as ISO 27002 as the foundation of an IT security and compliance program helps organizations align efforts to comply with key portions of many global regulations, including the Payment Card Industry (PCI) Data Security Standard (DSS), HIPAA, Sarbanes-Oxley, the European Union's Data Protection requirements and regional data privacy laws.
"Our forward-thinking customers are using framework-based security and compliance programs to cost-effectively satisfy multiple requirements and manage information risk," said Steven Preston, Senior Director, Solutions Marketing at RSA, The Security Division of EMC. "This goal can be achieved through the application of a consistent, holistic set of repeatable, scalable, enterprise-wide controls, which are centered upon recognized IT security best practices."
RSA Solutions to Establish Security Frameworks for Simplified Compliance
RSA's portfolio of technology solutions offers key security controls that help organizations establish frameworks based upon global best practices and standards. Key controls delivered by RSA's solutions include:
New Reporting Capabilities Within the RSA enVision Platform for ISO 27002-based Security and Compliance Programs
The RSA enVision platform is designed to offer a comprehensive suite of out-of-the-box reports, which help enable organizations to effectively monitor their ISO 27002-based security and compliance program. These reports are prepared to align directly with the ISO 27002 standard, and help enable organizations to effectively demonstrate compliance with critical areas of the specification. Reports within the RSA enVision platform related to ISO 27002 focus on areas such as computer account logon activity, computer account status, control of collected evidence, control of human resources data, malicious software activity, password changes and expirations, and source code access.
Information Security Services to Support Framework-Based Compliance Initiatives
In addition to delivering a broad range of security controls, various EMC information-centric security consulting services -- leveraging solutions from RSA -- help enable organizations to effectively enact framework-based compliance programs. These include:
About RSA
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle -- no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit http://www.RSA.com and http://www.EMC.com.
RSA, SecurID and enVision are registered trademarks and/or trademarks of RSA Security Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Linux is a registered trademark of Linus Torvalds. All other products and/or services mentioned are trademarks of their respective companies.
CONTACT: Lona Therrien of EMC Corporation, +1-781-515-5449,
Corporation, +1-212-905-6040,
Web site: http://www.emc.com/
http://www.RSA.com/
http://www.RSA.com/compliance/








