Đang tải... (xem toàn văn)
An inside-out view of how to secure information Begins with securing the data itself Moves out through layers of increasingly intelligent infrastructure Relies on our ability to leverage the interaction between data and infrastructure
Go to View/Master/Slide Master to type in header 1 Propelling Business Growth With A Secure And Continuous Information Infrastructure Jon Murray Go to View/Master/Slide Master to type in header 2 Information: Change in Multiple Dimensions information growth information types information uses information regulations more regulations: SEC 17a-4, NASD 3010,Sarbanes-Oxley, Basel II, UK Metadata, eSign Act, 21 CFR Part 11 (more coming!) more growth: information stored on disk arrays growing ~60% in 2006 more uses: ERP, CRM, RFID, collaboration, data mining, discovery … more types: transactions, documents, forms, web, images, voice, messages, reports . Go to View/Master/Slide Master to type in header 3 Customers’ Information Storage and Management Challenges CIO’s Dilemma: How to manage all the information growth with limited resources? Information stored on disk arrays ~ 70% IT budget growth ~ 4 - 5% IT environment getting more complex SLA’s continue to expand and tighten Protection and security increasingly important Go to View/Master/Slide Master to type in header 4 2006 Technology Spending Priorities–CIO Survey Source: Morgan Stanley November CIO Survey, Jan. 3, 2006 1. Security (Software) 2. Security (HW & Services) 3. Storage Area Networks 4. Wireless LAN (access points & routers) 5. Storage Software 6. Portal Software 7. VOIP Infrastructure 8. IT Education and Training 9. Storage Hardware 10. Business Intelligence Software 11.Wireless LAN (clients) 12.New Custom Development 13.Routing 14.Systems Management Software 15.Application Integration Software 16.Notebook PCs 17.Document Management Software 18.Automated Testing Tool 19.Microsoft Office Upgrade 20.Application Software Server 45.Mainframe hardware 46.Printers Go to View/Master/Slide Master to type in header 5 Security Today An Amalgamation of Point Products Across IT Antivirus Anitvirus VPN Encryption Authentication Web Filtering Authentication Threat Detection Change/Patch Management LAN Clients Servers SAN Disk Storage Tape Spyware Firewall Digital Rights Management Encryption Vault Recovery Management Authentication Go to View/Master/Slide Master to type in header 6 Today’s Approach: Secure the Perimeter Go to View/Master/Slide Master to type in header 7 Security Tomorrow: Protect the Information Go to View/Master/Slide Master to type in header 8 Security Must Become Information-Centric Information-centric Security – An inside-out view of how to secure information Begins with securing the data itself Moves out through layers of increasingly intelligent infrastructure Relies on our ability to leverage the interaction between data and infrastructure Important Technology • Data-level access control • Open policy decision points • Enforcement at point of use Go to View/Master/Slide Master to type in header 9 Information Security (Confidentiality) Information Security Information Security Information Availability Information Availability Information Confidentiality Information Confidentiality Information Integrity Information Integrity EMC’s Heritage P r o t e c t i o n and A Natural and Requested Evolution of EMC’s Data Protection Capabilities Go to View/Master/Slide Master to type in header 10 EMC’s Security Efforts to Date • CEO-level Mandate • Information Security Leadership Team • Company-wide Goals and Objectives • Security-related Workshops, Assessments • EMC Vulnerability Alert Service • Documentum Trusted Content Services • EMC Secure Remote Support • Data Erasure Service • DRM for ECM • Software-native Encryption – Retrospect and NetWorker • Data Encryption through EMC Select Dedicated Focus Dedicated Focus Security of Offering Security of Offering Comprehensive Information Protection Comprehensive Information Protection [...]... acceptable data loss Recovery Service OS: restored from tape and validated Application: restored from tape and validated Data: restored from tape and validated Connectivity: restored and validated Redundancy of data: recover lost transaction and validate Redundant site: ready (warm site) Recovery plans: ready OS: restored from tape and validated Application: restored from tape and validated... validated Data: restored from tape and validated Connectivity: restored and validated Redundancy of data: recover lost transaction and validate OS: ready Application: ready Data: ready Connectivity: repoint network Redundancy of data: store and forward, tape back up of site Recovery plans: ready Testing: quarterly after significant Application Type Desktop applications... Services NAS Security Best Practices Kasten Chase VMware Assured Computing Environment Data Cipheroptics Erasure Services Digital Rights Management (with partners) 25 Go to View/Master/Slide Master to type in header Building a Next-Generation Information Infrastructure Information Lifecycle Management Flexible infrastructure Next-Generation Information Infrastructure Information protection and security... via archive 16 Go to View/Master/Slide Master to type in header Backup and Archive are Different Backup Archive A secondary copy of information Primary copy of information Used for recovery operations Available for information retrieval Improves availability by enabling application to be restored to point in time Adds operational efficiencies by moving fixed / unstructured content out of operational... CommonDecreased Recovery Time / Services Recovery Management Automated and SimplifiedRecovery Point Granularity Increased Management Disaster Recovery, Operational Recovery, and Testing/Migration 20 Go to View/Master/Slide Master to type in header Products and Technologies Platform Backup Recovery Remote Information Local Remote processing Multi-site Remote Clustering across site with Storage DR aware SAN SAN...Go to View/Master/Slide Master to type in header EMC Security Mission End-to-End Information Security Management EMC ISM Applications Vulnerability Management Threat Management Secure Content ID and Access Management Systems Information People Security Risk Management Vulnerability Assessment Patching Security Configuration Security Event Management / Managed Security Firewall / VPN Intrusion... Growth in cost and risk to the business Contain costs Cannot add resources Continuity Defined: Ensuring applications and data are available during planned and unplanned outages 19 Go to View/Master/Slide Master to type in header Information Protection is Evolving Beyond Tape Backup… Replication Operational Effectiveness CDP to Disk Snap / Clone Backup to Disk Backup to Tape DAYS/ HOURS HOURS/ MINUTES... Threat Appliances Anti-Virus/Malware Secure Messaging Web Filtering Encryption Encryption Digital Rights Mgmt File / Database Security Authentication Authentication Authentication Mgmt Authentication Mgmt Provisioning Security Services 11 Go to View/Master/Slide Master to type in header EMC’s Information- Centric Approach to Security Information Security Management (ISM) Information Security is an... Corporate tax systems Travel systems Human resources Some desktop applications Corporate tax system Travel systems Payroll Document imaging Accounting systems (ERP) Inventory control / distribution Credit card processing Cash management OS: ready Application: ready Data: ready Connectivity: repoint network Redundancy of data: store and forward, tape backup of site Redundant... Practices Kasten Chase VMware Assured Computing Environment Data Cipheroptics Erasure Services Digital Rights Management (with partners) 13 Go to View/Master/Slide Master to type in header Secure Content Management Information Object s ACL CL MA g2 4 EAL a Testin s e i riter ervic on C nt e n t S m Com ted Co Trus 14 Go to View/Master/Slide Master to type in header ESG Strategy forRecord and Storage . to View/Master/Slide Master to type in header 13 EMC Retrospect EMC Networker EMC Secure Remote Support EMC Documentum Trusted Content Services VMware Assured. Security Management EMC ISM Go to View/Master/Slide Master to type in header 12 EMC s Information-Centric Approach to Security EMC Strategy Expose