It has become almost trite to say that institutions must operate on the assumption that an attacker will get in. Institutional resilience strategies are chock full of prevention and detection tools, but the evolution of a more advanced set of tools for recovery has yet to become commonplace. Distributed Security falls squarely into that recovery area by splitting critical resources and security processes across servers or services and by adding self healing capabilities that make even silent compromise a recoverable event. This talk describes the types of resources that should be distributed, including authentication decisions, access controls, and collections of personal data, and how that distribution can address institutional resilience, reduce liability and address privacy concerns. We will also discuss deployment strategies and address the benefits and challenges of diversification in a distributed security system.
Sam Curry is Chief Technology Officer, for Identity and Data Protection at RSA, The Security Division of EMC. Mr. Curry has more than 20 years of experience in security product management, development, marketing, engineering, quality assurance, customer support and sales.
Sandy Carielli leads product management for Distributed Credential Protection and the BSAFE portfolio at RSA, The Security Division of EMC.