Cisco, EMC extend security partnership

Cisco Systems and EMC are expanding a partnership to ensure the security of sensitive enterprise data.

The companies are already working together, but now plan to do more to combine network security technology from Cisco and data security tools from EMC's RSA division, executives said Monday at a press event held in conjunction with the RSA security conference in San Francisco.

Responding to the growing need to control sensitive data, Cisco and EMC plan to jointly develop integrated products, services, and best practices, said Richard Palmer, senior vice president and general manager of Cisco's Security Technology Group. They initially will focus on data loss prevention, datacenter security, and data encryption and key management. By joining together, the companies can cover everything from datacenters and servers to individual employees' PCs, plus the network that connects them, he said. However, details were scarce at the Monday announcement.

[ For a better understanding of DLP issues, read "The debate over the right data loss prevention strategy" ]

As sensitive data is shared more widely, concerns about customer privacy, company confidentiality, copyright, and other issues are making it more important to treat data carefully, said Tom Corn, vice president of product marketing and product management in EMC's data security group.

"Threat defense, for years, was keeping bad things out. Now we have to be in the business of keeping good things in, as well," said Robert Gleichauf, Cisco's chief technology officer for security.

RSA' s DLP Suite can detect sensitive data based on a wide variety of requirements and legal standards around the world, RSA said. Cisco will integrate those classification capabilities with its own DLP tools in the network and on PCs and other end points; RSA's DLP Suite will take advantage of Cisco's policy enforcement capabilities.

First, Cisco will enhance its CSA (Cisco Security Agent) with the RSA classification technology, and customers will be able to manage the combined capabilities with either the Cisco Security Agent Management Center or the RSA DLP Enterprise Manager, the companies said. In addition, the companies will let enterprises integrate the Cisco MDS 9000's Storage Media Encryption technology with RSA Key Manager so that they can encrypt data stored on tapes and virtual tapes. One other area of increased cooperation will be PCI (Payment Card Industry) security regulations, important in retail industries for customer credit-card information.

In a demonstration of the RSA classification technology working with Cisco's CSA, the companies simulated an employee accidentally trying to copy a document containing customer credit-card numbers onto an external storage device. CSA produced a pop-up warning to the employee that included a box where the employee could give a business justification for going ahead with the process. Another tool let the user clean out the sensitive information before copying the document over. Lessons learned from such incidents, if they happened frequently, could point to changes in business processes, the companies said.