As the line between storage and security continue to blur, EMC's consulting arm is launching an advisory service focused on governance, risk and compliance.
FRANCISCO EMC's consulting division is stepping into the security arena with
five new risk management advisory services to help customers secure their data
while meeting various regulatory and compliance requirements.
Consulting would offer customers end-to-end services designed to handle
compliance requirements while considering each organization's unique set of
business needs, the company announced Feb. 29 at the RSA Conference in San
Francisco. The new security managed advisory services will be delivered as part
of the EMC Consulting portfolio.
cloud computing, mobile and the emergence of big data applications have
dramatically altered how organizations create, deliver and manage information, according
to EMC. The openness of information within these new environments can
significantly increase an organization's risk. These new security and risk
management advisory services are also intended to boost customer confidence
about the security of its data.
are being forced to make their information resources easily available to
authenticated users anytime, anywhere, said Tom Roloff, COO of EMC Consulting.
help organizations cope with the unprecedented levels of security, risk and
compliance challenges and threats, EMC's new services offer different capabilities
that fall under the broad governance, risk and compliance (GRC) umbrella.
Cloud Advisory Services provide visibility into the organization's private and
public cloud infrastructure, as well as offering some control over the
environment. Information Governance Advisory Services provides visibility into high-value
information, such as where it is stored, who has access to it and how it is
stored. Governance, Risk and Compliance Advisory Services identify, analyze,
manage and mitigate risks.
and Identity Management Advisory Services protect sensitive information while
allowing trusted identities to freely and securely interact with online
systems. Fraud and Identity Management would increase organizational
efficiency, improve customer satisfaction and control costs, according to EMC.
Organizations would be able to understand evolving cyber-threats while making
sure the data remained protected.
more organizations grapple with the issue of allowing employee-owned mobile
devices in the enterprise, there are a lot of questions about the risks they
pose and how existing compliance rules apply. Mobile Device Security Advisory
Services mitigate risks associated with allowing mobile devices to access
sensitive data and resources by extending existing enterprise security policies
and control over the mobile devices.
services offer organizations with an ideal remedy to lock down access control
and identify IT infrastructure security gaps before they become problematic, or
worse, irrevocably damaging, said Chris Christiansen, an analyst with IDC.
culpability is no longer the responsibility of just the CISO [chief information
security officer], IDC's Christiansen said.
security offerings from EMC have fallen under the banner of the companys RSA
Security business, while EMC handles data storage technology itself.
Consulting does have a GRC practice, and the new services are an extension of
the products and services offered by the consulting division and RSA, according
to EMC. Enterprises can transition from reactive security methods to a
proactive security approach with these services.
combining these new security and risk management services with RSA's expanding
product portfolio, EMC's security proposition has never been stronger,"
said Branden Williams, CTO of marketing at RSA Security.
is not the first enterprise storage vendor to invest heavily in security
services. HP has an Enterprise Security Division and IBM launched its IBM
Security Solutions just a few months ago. Dell and Hitachi Data Storage have
also made security moves with Secureworks and HitachiID.
Executive Chairman Arthur Coviello said during the opening keynote Feb. 27 that
organizations have to shift their security strategies to identify and manage
risks. It is not possible to never be compromised, but it is possible to reduce
what can be breached and also to minimize what can be successfully stolen,
Coviello told attendees.