RSA Solution for Cloud Security and Compliance is aimed at managing security, risk and regulatory compliance of cloud infrastructures--multitenant or otherwise.
On Day One of VMworld 2010
EMC's RSA security arm on Aug. 30 introduced a new integrated security
and compliance package designed expressly for multitenant cloud
RSA Solution for Cloud Security and Compliance is aimed at managing
security, risk and regulatory compliance of cloud
infrastructures--multitenant or otherwise--and to decrease customer
deploying virtualized business-critical applications.
"Historically, it's been hard for a [cloud computing] enterprise to say
to the business, 'Look, this shared infrastructure is secure, it's
auditable, and we've followed all of VMware's security-hardening
guidelines, of which there are 160,'" Chad Sakac, EMC's vice-president
of tech alliances with VMware, told eWEEK.
"Even though these are written down in one place and everything's
really fluid, and people are working really hard to try and resolve
something they are facing, they could tweak [something], and
unknowingly in that tweak, they could expose the infrastructure in some
way to various security attacks."
RSA Solution for Cloud Security and Compliance features a
dashboard-based RSA Archer eGRC (enterprise governance, risk and
compliance) platform, Sakac said, which gives organizations an
up-to-date assessment of security and compliance across their VMware
RSA Archer allows customers to centrally manage security across both
virtual and physical infrastructures, Sakac said. The dashboard
integrates with a library of more than 100 VMware-specific
controls--including administrative authentication--that connect
directly to the
latest versions of global regulations, such as PCI-DSS and HIPAA.
Further, the package also integrates with the RSA enVision security
information and event management platform to provide a comprehensive
assessment of security events from across the enterprise, Sakac said.
"Security is a top concern organizations have about moving critical
business applications to the cloud," said Jon Oltsik, principal analyst
at the Enterprise Strategy Group.
"Even with all the benefits cloud computing provides, CIOs will
continue to be wary until there is a way to manage security and
compliance with the same level of assurance that is available today
with physical data center environments. EMC has made an important first
step in addressing this fundamental concern with security in today's
growing virtualized and cloud infrastructures."
The RSA Solution for Cloud Security and Compliance will become available in Q4 2010, Sakac said.