Product data sheet

RSA Data Loss Prevention Datacenter

Discover sensitive data residing in data centers and mitigate risk proactively

At a Glance
Understand the risk profile by discovering and analyzing sensitive data in file shares, SAN/NAS, databases, SharePoint sites and other content repositories Attain high levels of accuracy to reduce risk and lower TCO with an extensive policy and classification library to secure sensitive data Scale enterprise wide with a unique grid architecture that enables data to be scanned faster with less hardware and set-up time required Manage sensitive data through actions such as move, quarantine, delete and eDRM Leverage centralized policy management to simplify deployment and ongoing management

understand where such sensitive data resides and manage it appropriately. However, discovering this sensitive data in the data center has remained a challenge largely due to the amount of data to be analyzed and due to the lack of automated and accurate tools for classification. The RSA Data Loss Prevention (DLP) Datacenter, which is a part of the RSA DLP Suite, is a comprehensive data loss prevention solution for information residing in file shares, databases, storage systems (SAN/NAS), SharePoint sites and other data repositories. It scans data sources with unprecedented speed and accuracy delivering a complete risk profile of data in the data center.

Discover and Manage Sensitive Data

RSA Data Loss Prevention Datacenter has a revolutionary architecture that brings the software to the data rather than the data to the software. Contrary to typical discovery technologies, where data from multiple locations is pulled to a central location for analysis, data is scanned and analyzed close to where it resides. Its unique grid-based architecture enables enterprises to scan all the sensitive data stored across file shares, databases, SharePoint sites and other repositories without generating any significant network traffic. Less hardware is required since existing servers with spare processing cycles can be leveraged to scan data, and set-up time is minimized since scanning jobs are automatically load balanced across the servers in the grid with no manual intervention required of IT. This allows organizations to scan large data repositories simultaneously and cut scan times from months to hours. The solution comes with more than 150 out-of-the-box policy templates to help organizations discover sensitive data from day one with the highest accuracy.

Overview
The amount of digital data stored at enterprise data centers is almost doubling every year. This data might include customer social security numbers or credit card information governed by regulations. Some of this data may contain intellectual property and product roadmaps critical to business operations. It is very important for organizations to

Enterprise Incident Management & Reporting

Once sensitive data is discovered, the solution initiates an incident tracking work flow process to log and monitor the data at risk. It maintains an audit trail of incidents and can alert a pre-defined set of stakeholders through e-mail feeds, automatically. DLP events can also be sent to the RSA enVision platform to streamline the process of understanding security risk across information, identities and infrastructure from the RSA enVision Security Operations Console. Controls such as move, quarantine or eDRM (through an integration with Microsoft Active Directory Rights Management Services) can be applied automatically on sensitive files, per corporate policy.

High Levels of Accuracy Sensitive data that is attributed to policy violations needs to be addressed as a security threat and remediated. Conventional solutions without high levels of accuracy identify significant numbers of non-sensitive data as sensitive data (e.g., confusing a random fifteen digit number with a credit card number) resulting in false positives. This inaccurate risk profile information not only increases the total cost of ownership, but also decreases the credibility of the solution over time. These false alarms force organizations to spend cycles remediating risks that do not exist, resulting in the waste of valuable security and IT resources. The RSA Data Loss Prevention Datacenter solution achieves exceptionally high accuracy in identifying sensitive data such as personally identifiable information (PII), payment card industry (PCI) data and intellectual property. High levels of accuracy are achieved through the deployment of described classification templates or fingerprinting technology, or a combination of both. Sophisticated detection algorithms in described classification templates follow precise rules to identify sensitive data. Not only do these rules analyze keywords and patterns but also investigate the contextual placement of the keywords within a file. Organizations can either enable pre-built policy templates (for data related to PCI, PII, HIPAA, GLBA, SOX, source code etc. ) or build their own rules to achieve high levels of accuracy in discovering sensitive data and preventing data loss. In cases where sensitive data is definite and known, organizations can also use fingerprinting technology where data is fingerprinted and registered in the DLP system to create classification policies. DLP can fingerprint files in folders or data in databases and look for complete or partial match of the data when scanning the datacenter.

RSA Product Data Sheet

Scalability and Centralized Management Enterprises having thousands of file servers and repositories demand an efficient and scalable methodology not only to discover and analyze sensitive data but also to take actions for security such as delete and quarantine. The RSA DLP Datacenter solution, as part of the RSA Data Loss Prevention Suite, provides a unified policy management architecture which allows easy deployment and management regardless of where the data resides. From a centralized location, administrators can configure policy templates and enforce policies across all data sources in the enterprise, making it easy for organizations to deploy and maintain the solution. To scan large amounts of data effectively the solution includes Grid Scanning, a featurey that leverages parallel processing technology using standard off-the-shelf servers configured as a cluster. This unique approach not only reduces the total cost of ownership (new hardware, etc.) but also increases the speed of scans by at least a factor of 10X.

"As I've found in a previous RSA DLP Datacenter (Tablus Content Sentinel) evaluation, the company's content detection is precise. The pre-built Expert Content Blades produced minimal false positives. After registering my custom client lists and source code, RSA Datacenter 3.0 found all instances of sensitive data." Quickly Discover Sensitive Content InfoWorld

Scan and Analyze Sensitive Data Where it Resides

Discover and analyze sensitive data with exceptionally high efficiencies using revolutionary distributed scanning architecture.

Analysis software Analysis software Enterprise Manager

Analysis software

Analysis software

Traditional single-point scanning approach Move all data to the analysis software.

RSA DLP Datacenter distributed approach Send the analysis software to the data.

RSA Product Data Sheet

RSA Data Loss Prevention Datacenter: Features and Benefits

DESCRIPTION
Discovery targets

SUPPORTED SYSTEMS
Windows, AIX, HP-UX, Solaris file shares SharePoint, Documentum and other repositories NAS/SAN storage

BENEFITS
Reduce risk with support for more data sources

Databases supported for scanning Regulatory data supported (over 150 pre-built policy templates)

Microsoft SQL Server, Microsoft Access Oracle 10g and 11g Payment card industry (PCI) Personally identifiable information (PII) Health Insurance Portability and Accountability Act (HIPAA) Gramm-Leach-Bliley Act (GLBA) Sarbanes Oxley (SOX) CA SB 1386, CA AB-1298 North American Electric Reliability Corporation (NERC) International Bank Account Number (IBAN) About 50 other regulations for North America, Europe, Australia and Asia

Reduce risk by securing sensitive data stored across the infrastructure Help to comply with regulations Mitigate the risk of legal fines Preserve customer confidence Help prevent costs associated with data breaches

Non-regulatory data supported

Intellectual property such as source code, blue prints etc. Business strategy and operations data such as pricing, competitive analysis, mergers and acquisitions information Design documents in CATIA formats

Help prevent class action lawsuits Mitigate the risk of loosing competitive advantage Help prevent loss of revenue Protect brand equity Protect intellectual property

Comprehensive Data Loss Prevention

The RSA Data Loss Prevention Suite (Network, Datacenter and Endpoint modules) comprises a comprehensive data loss prevention solution that discovers, monitors and protects sensitive data from loss or misuse whether in a data center, on the network or at the end points.

About RSA RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle no matter where it moves, who accesses it or how it is used. RSA offers industry-leading solutions in identity assurance and access control; encryption and key management; compliance; and security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

Grid processing and incremental scanning were essential for Microsoft given the volume of data that we store. Also, RSA DLP Datacenter (formerly Content Sentinel) generates matched files with an accuracy rate consistently at or above 98%." Olav Opedal Security Program, Microsoft

2008-2009 RSA Security Inc. RSA, RSA Security and the RSA logo are registered trademarks or trademarks of RSA Security Inc. in the U.S. and/or other countries. Microsoft, Windows and SharePoint are registered trademarks or trademarks of Microsoft Corporation in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. All other trademarks mentioned herein are the properties of their respective owners.

DLPCTR DS 0409