BANGALORE, INDIA: Businesses are faced with regular security threats with increasing data breaches. Consequently, security solutions are finding better uptake among both enterprises and small businesses.

RSA, the Security Division of EMC, is the leading provider of security solutions for business acceleration. RSA offers industry-leading solutions in identity assurance and access control, encryption and key management, compliance and security information management and fraud protection. It enables customers to cost-effectively secure critical information assets and online identities wherever they live and every step of the way, and manage security information and events to ease the burden of compliance.

As a leader in meeting the compliance and PCI data security standard (DSS) requirements of enterprises, RSA's research shows that a majority of the merchants approach the PCI DSS as an opportunity to protect their brand and their consumers rather than as an opportunity to mitigate legal exposure. Today, RSA has turned its attention towards the Indian market and is aiming big at the BPO market. 

"In India, RSA is focusing within the BPO market to address its variety of specific requirements by developing technology and help them secure their data," says David Howell, senior manager, Compliance Solution, RSA.

RSA's solutions mainly cater to the BPO industry, BFSI, government, telco and retail segments, respectively.

"The BFSI sector already has the financial, audit and information risk management solutions.  As regards BPOs, they have a sophisticated approach to security. Data security is the first thing on their mind," says Howell.

He adds: "The Indian market is definitely a growth area for us. In the US, we see that 48 out of 50 states have different data privacy laws. So, the experience of having met the requirements of various places helps us cater to the Indian market in a better way."

"One should understand that when companies are looking at the requirements of security solutions, they are not looking at who is framing the laws/regulations," he adds. "We look at asset risk management and compliance is not that dominating."

Howell says: "When we talk of data security among Indian enterprises, what becomes important are the requirements like PCI, PII, the kind of IP you have, the type of data you have for your business. They should realize that, 'the type of data I need to protect is important and how to protect that data based on the risk."

"From a high-level standpoint, we are working with BPOs and financial services institutions. We are trying to understand what they should do in terms of security from a compliance point of view," he adds.

The value of data and putting up right level of security in place is very important to help close the gap. "What we see in different geographies is that IT security at times is developing and building your programs more from the internal requirement point of view. "RSA helps enterprises not only from the IT security point but from compliance point of view as well." Here, ISO 27002 plays a major role.

From a compliance and data protection stand point:

* Understand where your data resides
* Protect the data
* Monitor and understand the data from a discovery stand point.
 
RSD DLP (data loss protection)
It is an interesting technology which has created a whole lot of excitement in the Indian market. It helps stop data leakage from your environment. It prevents accidental disclosure of data when you work from remote places.

Authenticate solution
The RSA enVision Platform provides the only security information and event management solution that delivers 100 percent visibility into all security threats across your entire information infrastructure – from switches and routers, to security devices, host assets, applications, servers and storage. It monitors your data actively, collects logs and correlates them. It draws a baseline and understands what is the requirement. Works based on the security policies built up. 

"It collects and retains 100 percent data, which is important from a compliance standpoint. Adoption of this technology is evidence that organizations are taking security seriously. In addition, compliance is being viewed as an end-point to protect data by enterprises," says Howell.

RSA two-factor authentication
Companies globally use RSA two-factor authentication for remote access. It i an event-based, one-time password (OTP) authenticator in a flexible card form-factor designed to help financial institutions and their customers secure online accounts and transactions with two-factor authentication. It can be run on BalckBerry, as well as on a Google Tool Bar. "RSA is the world leader in two factor authentication. It is a world standard," he says.

Acquisition by EMC
RSA is in business for over 20 years. Known as a world-wide leader in two factor authentication, envision, and Bsafe, RSA was acquired by EMC two years ago. "Acquisition by EMC has given us the breadth and resources. It has been one of the core strengths for us," he concludes.