Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

RSA Security Unveils Simplified Approach to Application Security with RSA BSAFE® Data Security Manager

  • 07 June, 2005 11:02

<p>Policy-based data security ensures consistent data protection
and reduces application development complexities</p>
<p>SYDNEY, June 7, 2005 – RSA Security Inc. (Nasdaq: RSAS) today announced RSA® BSAFE® Data Security Manager, a security middleware solution for software developers that simplifies and strengthens application security by putting security decisions and design in the hands of security experts while easing the implementation of security for developers.</p>
<p>RSA BSAFE Data Security Manager eliminates the need for application developers to acquire specialized security knowledge, and provides a centralised, policy-based control framework for ensuring that applications meet critical business and regulatory requirements for protecting data.</p>
<p>RSA BSAFE Data Security Manager software addresses this challenge by shifting responsibility for making security decisions to security experts and application architects in the design phase of the application development process. This, in turn, eliminates the need for the after-the-fact troubleshooting often required with server- and appliance-based products, which helps to cut costs and reduce the burden on IT operations managers and resources.</p>
<p>According to Gartner, for purchased and internally developed software, removing only 50 percent of software vulnerabilities before production use reduces enterprise configuration management costs and incident response costs by 75 percent.* In addition, unlike many other security toolkits, RSA BSAFE Data Security Manager software is easy for application architects and developers to adopt and use. By leveraging pre-defined policies and simplifying implementation, RSA BSAFE Data Security Manager software streamlines the application development process and makes it easier for organisations to prove that security mechanisms have been implemented consistently.</p>
<p>“Organisations often have little confidence that they have implemented security controls properly because of the high level of sophistication required, and the result is too often an expensive or even embarrassing scramble when a problem is found after rollout,” said Ray Wagner, PH.D., Research Vice President, Gartner. “The concept of a centralised, policy-based approach to providing security to and within applications, rather than the current, often ad hoc, approach, may allow organisations to more easily control and audit application security, as well as change security policies over time without reengineering applications.”</p>
<p>Policy Based Data Security: From the Front Lines</p>
<p>RSA BSAFE Data Security Manager resides beneath a business application and hosts the organization’s data security policy, a library of all applicable security mechanisms, as well as a protection engine for enforcing these mechanisms. Security mechanisms include encryption and decryption; signing and verifying; message authentication; certificate processing; and secure transport protocol implementations.</p>
<p>Security experts must first classify a company’s data based on function, levels of sensitivity, or regulatory needs. These classifications are then mapped to the appropriate security mechanisms required to secure that data to form the security policy.</p>
<p>When developers begin to code, they only need to use simple programming interfaces provided by the product whenever they operate on sensitive data. The protection engine within RSA BSAFE Data Security Manager intercepts the data passed through these interfaces and automatically implements the correct security mechanisms based on the pre-defined policy.</p>
<p>This policy can also change over time to adapt to business requirements without requiring changes to application code. This solution balances the manageability needs of IT managers, security officers, and risk management analysts with the design and implementation needs of application architects and developers.</p>
<p>“As companies across industries, such as retail and financial services, move to better protect sensitive customer and corporate data, these organizations require a secure application infrastructure that is reliable, consistent, and auditable,” said Sebastian Moore, area vice president, Asia Pacific of RSA Security. “In addition, organisations must leverage the expertise of both application developers, and security, risk, and compliance managers. RSA BSAFE Data Security Manager enables companies to address this need, and ensures that data security policies and rules are implemented consistently and that they can be monitored and adjusted over time.”</p>
<p>RSA BSAFE Data Security Manager is expected to begin shipping in late September 2005.</p>
<p>About RSA Security
RSA Security Inc. helps organisations and individuals confidently protect identities and information access. The company secures more than 15 million user identities, safeguards trillions of business transactions annually, and manages the confidentiality of data in tens of thousands of applications worldwide. RSA Security’s portfolio of award-winning solutions – including identity &amp; access management, secure mobile &amp; remote access, secure enterprise access, secure transactions and consumer identity protection – sets the standard in the industry. Our strong reputation is built on a 20-year history of ingenuity, leadership and proven technologies, and our more than 17,000 customers around the globe. Together with more than 1,000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. For more information, please visit www.rsasecurity.com.</p>
<p>* Gartner, September 22, 2004 – “Management Update: Keys to Achieving Secure Software Systems” (ID Number: G00124089)</p>
<p>RSA, RSA Security and BSAFE are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. All other products and services mentioned are trademarks of their respective companies.</p>
<p>Media Contacts
John Back or Maggie Jacka
Kinetics
(02) 9976-6611
maggie@kinetics.com.au</p>
<p>Melinda Hickin
RSA Security Australia Pty Ltd
(02) 9463-8407
mhickin@rsasecurity.com</p>

Most Popular