Year after year, studies such as the Verizon Data Breach Investigation Report show software vulnerabilities and misconfiguration among the main data breach causes. BatonAt EMC, we operate under the assumption that securing a product in a customer environment is a team sport between the product vendor and the customer deploying the product. The vendor plays a greater role upstream with a focus on adopting secure development practices and in properly handling and responding to vulnerabilities reported on the product. The customer takes the baton from the vendor and plays a larger role downstream by taking the necessary steps to securely deploy and maintain the product.

Having a baton to pass from the vendor to the customer is critical to facilitate the secure deployment of a product. For our products, the baton takes the shape of a security configuration guide. It is a document required by EMC’s Security Development Lifecycle for each product that centralizes in a single guide all information required to change and optimize the security settings of the products. If you are an EMC customer, you can find this information on our support website’s security configuration guide page.

I am also glad to announce that if you are attending EMC World starting on May 6th in Las Vegas, there will be several security sessions on security including one by Matt Coles from the Product Security Office on “How EMC Enables You to Secure Your Storage Infrastructure” which will explore guidelines for managing VMAX and VNX products securely. Make sure you attend!

Eric Baize

Eric Baize

Eric Baize is Senior Director of the Product Security Office at EMC Corporation. He leads the Product Security Office with company-wide responsibility for product security and supply chain assurance, covering vulnerability response handling, security development lifecycle implementation, supply chain risk management, coordination of security certifications and integration of RSA technology in EMC products and solutions. More ...
Tags: , , , , ,

Leave a Comment

Comments are moderated. Dell EMC reserves the right to remove any content it deems inappropriate, including but not limited to spam, promotional and offensive comments.