RSA Adopts Holistic IT Security As Threats Grow More Sophisticated

The threats organizations face -- including information-stealing botnets, keystroke loggers and complex underground cyber crime networks -- are real and growing more sophisticated every day.

Combine these existing threats with mounting compliance regulations such as PCI and federal privacy and disclosure laws such as HIPAA and Sarbanes-Oxley, and businesses are facing a unique and daunting security climate unlike anything they've experienced before.

And make no mistake, it's only going to get worse, says Art Coviello, president of RSA Security Inc., Bedford, Mass., the security division of EMC, because many companies are ill-equipped to deal with the challenges this new security environment will bring.

"The perimeter defense doesn't work anymore," said Coviello in an interview with CRN. "We've created degrees of openness with Web applications and wireless. We're trying to protect this information in a day of information overload."

As security both evolves and matures, vendors and VARs will need to change with it—parting ways with traditional point product and narrowly focused solutions and orienting toward a more holistic approach, said Coviello. He said that these days, issues won't be resolved with just a series of isolated products, but with deliberate strategies that comprehensively assess companywide security environments and implement solutions to achieve required objectives.

And, Coviello said, RSA is prepared to help pioneer that paradigm shift with its beefed-up assurance solution, Authentication Manager 7.1, which it launched at the 2008 RSA Conference in San Francisco earlier this month. "We have to be as organized and purposeful about security as [the criminals] are—understanding what your risks are and doing everything possible to mitigate them," Coviello said. "This is not fear-mongering. There's not a day that goes by that you don't see someone get attacked," he added.

But preparing for a security overhaul on the vendor side is arguably only half the battle. VARs now face the monumental task of convincing clients to rethink their own security philosophy and adopt new and comprehensive strategies to combat growing threats.

Persuading customers to rethink their security philosophy is one of their most significant challenges, partners say.

Preston Hogue, CSO of RSA partner Network Computing Architects Inc., Bellevue, Wash., added that he routinely deals with customers that conduct risk analysis once a year before they're audited and come up with solutions that are tantamount to a bunch of controls. "We ask them, 'How do you leverage those controls to mitigate risk to critical assets?' The majority of them say, 'We don't.'"

New Enhancements
So if there was ever a time for a colossal upgrade to the company's identity assurance platform, it's good that it's now, both VARs and RSA execs say.

"You want to keep your name out of the papers and do more business. You must have comprehensive capabilities around identity assurance to be able to scale in that way," said Carol Clark, senior product marketing manager for RSA. "How can you take that user authentication and extend it to a more dynamic trust model and protect all the channels? That's very much an RSA perspective."

Keeping true to RSA's vision, the new Authentication Manager 7.1 provides a solution for customers that need to discover and classify information, and then set policies to help mitigate the risk of its loss, Clark said. It also addresses the growing problem businesses face in securing data that's constantly moving as a result of a growing mobile workforce, she said.

With more than 40 total new enhancements, version 7.1 comes with four main features that include credential management, or mechanisms to prove user identity before granting access to systems. It also incorporates a range of authentication mechanisms and contextual authorization, which includes access control, as well as integrated intelligence—the ability to provide proactive threat protection with alerts on emerging threats and information-sharing services.

All of these functions can be deployed across domain and infrastructure platforms as well as vertically throughout the supply chain, RSA execs said.

Opening Doors
Partners anticipate that the new Authentication Manager will open up new doors in the marketplace—especially in the midtier and SMB space, which are increasingly looking for cost-effective ways to balance comprehensive network protection and compliance in a way that requires minimal staff and resources.

"The awareness that everybody can have their identity stolen is becoming more evident. A lot of clients want to do a lot of two-factor authentication for everyone in the supply chain," said Bruce Flitcroft, president of RSA partner Alliant Technologies in Morristown, N.J. "RSA is coming up with a realistic approach. All we have to do is administer the process," he added.

Other partners say they're excited about version 7.1's mobility options and its enhanced management features, which can be scaled to meet a company's size and security needs. "We can add users onto the system. Or they can bring that down to a help desk environment and not give away the keys to the kingdom," said Ira Silverman, CEO of RSA partner Gotham Technology Group LLC, Montvale, N.J.

The new Authentication Manager also creates opportunities for partners to hold new and broader conversations with their customers about risk management.

"The majority of companies, even the larger companies, have the same issue: not understanding where their critical data lives," Hogue said. "The No. 1 threat is the lack of management of information."

Thinking Holistically
Perhaps now more than ever, vendors need to approach security from a different angle in light of the fact that the security threatscape has radically changed to become more organized, targeted and financially driven than ever before, partners say. Partners noticed that RSA's focus started to shift from product to strategy and solution within the last five years, although the company's strategy-focused mission really evolved at the beginning of 2007.

"You could tell that the messaging was starting to change dramatically," Flitcroft said. "It's not just about a token box. They started to look at operation and lifecycle management."

Said Hogue: "The buying power that RSA has now—it's mind-boggling. These guys get it."

From where Coviello stands, 2008 will be the year of the Trojans, such as information-stealing bots, which allow attackers to inject malicious code into legitimate Web sites or infiltrate the networks of financial institutions, government agencies and corporations.

It will also be a year in which criminal networks become even more sophisticated and purposeful, Coviello added. As attacks become increasingly effective, social engineering techniques will become more finite, targeted and complex. Attackers will use methods like spearphishing—a message or malicious link that targets specific individuals in a company, usually at an executive level, to acquire passwords, financial data and other sensitive information.

The current security landscape will require businesses to not only conduct extensive risk assessment with comprehensive data classification, said Coviello, but to also put that information in context by resetting policies to help mitigate the risk for the most critical and sensitive information.

Yet despite these numerous challenges that businesses currently face to secure their organizations, there is hope, partners say. Just over the past year, they have seen customers start to realize that purchasing products without implementing an overall strategy does little to keep their organizations truly safe.

And, RSA partners say, that's good for business.