|
RSA Acquisition of
Tablus Logical Move for EMC
By Lawrence D. Dietz
RSA, The Security
Division of EMC, announced this week its
intent to acquire Tablus Inc., a provider of data loss prevention solutions
based in San Mateo, California.
Tablus is privately-held; further details of the transaction are not being
disclosed. The Tablus solution will add data discovery and classification,
monitoring, and data loss prevention capabilities to RSA’s
data security portfolio, helping enable the company to better meet the market’s
need for information-centric security by finding and identifying sensitive
data; preventing that data from leaking outside the organization; and
simplifying the management of data security through policy-driven controls.
Data discovery and classification is a critical first step
toward securing data in most organizations, as IT departments grapple with an
explosion of digital information to store, manage, and protect. This
challenge is complicated by the fact that sensitive data exists in three
different forms (database records; messages, such as email; and loose files)
and in three different contexts (at-rest on datacenter storage; in-motion
through the network; or in-use on laptops, mobile devices, and portable
storage). Comprehensive data discovery and classification must directly
address this complexity. To that end, RSA
will combine Tablus products with the EMC
Infoscape intelligent information management solution to create a common
platform that is engineered to enable organizations to discover, classify and take policy-based action on all of their
data. Specifically, Tablus’s expertise in quickly and accurately locating and
protecting valuable intellectual property, sensitive personal information,
and security-related content will be combined with Infoscape’s solutions for
managing data according to specific governance requirements regarding
retention and archiving, as well as preparation for litigation support
through e-discovery.
An understanding of the information landscape gives
organizations the ability to establish and enforce data security policy and
prevent data loss. This enforcement can take many forms, from data erasure,
bulk encryption, and digital rights management to simple movement and
quarantine. These various enforcement mechanisms need to be applied at different
points in the IT system: at the point of storage, at the point of creation,
or at other times in the network. In recognition of this reality, RSA
plans to integrate the Tablus offering with its existing data control assets
in the fields of encryption, key management, and information rights
management, and partner openly with industry leaders to enable policy-driven
enforcement of data security where it makes the most sense.
The ability to establish, enforce
and audit data security policy is central to this vision. Specifically,
enabling policy-driven data security controls throughout the infrastructure
that are fully and mutually interoperable would address not only the data
security problem, but also the associated cost of operation. Together with RSA’s
data security assets, EMC Infoscape and
strategic partners, the core technology and intellectual property of Tablus
will allow organizations to build robust policy around sensitive data, and
distribute the enforcement of that policy as needed when that data is copied,
moved or accessed.
Very few vendors have appreciated the interaction across
data classification, document life cycle management, archiving, storage
optimization, data loss prevention, privacy, auditing
and security. All these entities must work in concert to help the
organization accomplish its business goals, safeguard its sensitive
information and intellectual property, optimize its governance, and reduce
its legal vulnerability and expenses. By combining the information rights
management capabilities embodied in the Tablus product line into the security
division it’s clear to us that EMC
recognizes the totality of the electronically stored information universe.
RSA’s acquisition
signals a new stage in the evolution of the data loss prevention
market place. Up to this point
the DLP space has been the province of
smaller firms each trying to eke out a small piece of a nascent but growing
market. IBM’s Princeton Software was a
signal by IBM of its intentions and now
that we have seen EMC make its move, we
expect to see others like Symantec follow suit, perhaps stimulating a minor
scramble to acquire respectable technology early in the market’s development.
The key to success in the market, however, is not necessarily technology, but
services and linkages to the various service providers in the litigation
support market and the SIs who serve the large end users. It remains to be
seen if hardware-oriented firms like EMC
and its RSA division are able to bridge
the gap for their customers.
|