Microsoft and EMC Partner to Build Data Loss Prevention Technology in Infrastructure

Microsoft and EMC announced a partnership to build the content classification technology from EMC's RSA Data Loss Prevention Suite into Microsoft's products and platforms. The partnership will begin with tight integration between RSA DLP 6.5 and Microsoft Active Directory Rights Management Services (RMS) within Windows Server 2008.

Microsoft and EMC are joining forces in the name of security.

The vendors have announced plans to work together to build security into the IT infrastructure, starting with EMC's data loss prevention (DLP) content classification technology. The immediate plan is to integrate RSA DLP Suite 6.5 - which will ship later this month - with Microsoft Active Directory Rights Management Services (RMS) within Windows Server 2008. In the long-term, though, the classification technology will be built into Microsoft products and platforms.

The integration will allow customers to automatically apply RMS-based information access and use policies based on the sensitivity of information, as well as better tie data loss prevention strategies to identity or group membership.

Katie Curtin-Mestre, director of product marketing for the Data Security Group within EMC's RSA security division, said customers will be able to implement data loss prevention controls tied to employee identity or group membership. For example, a company could apply a DLP policy related to protecting personally identifiable information targeted at the HR department and a DLP policy to protect source code for engineering, she said.

"Building RSA's DLP classification technology into Microsoft products and platforms will enable a truly built-in holistic solution to define security policies centrally, push policies across the infrastructure, classify and identify sensitive data that is exposed...and enable advanced workflow for remediation of data security incidents," she said.

Analysts are already calling the idea a "game changer." Read more about it here.

By ultimately building DLP classification technology into Microsoft products, the infrastructure becomes content-aware. Enterprises can centrally manage information security policy and apply those policies throughout their infrastructure based on user identity, regardless of where the information resides or is used. That, security analyst Rich Mogull said, is the more interesting part of the deal.

"Now we might have an engine, an agent, that is built into the Microsoft infrastructure for content analysis [and] can be plugged into," said Mogull, founder of the consulting firm Securosis.

A partnership between Microsoft and EMC, which through RSA is a major player in the strong authentication and single sign-on markets, also provides an interesting opportunity for the companies in the authentication space as well.

"Microsoft doesn't have the capability to support, at the workstation...native, third-party authentication mechanisms like one-time password devices," said Burton Group analyst Mark Diodati. "Well, RSA makes one-time password devices...they have a significant market share of the enterprise strong authentication market, and here you have the No. 1 strong authentication product being larger incompatible for Windows workstation authentication. It's been a problem for a lot of enterprises for a long time."