designed to help strengthen IT security, lower costs of managing compliance, and improve enterprise-wide IT risk management.

The products and integrations include:

1. CA Access Control 12.5 with new features to deliver comprehensive privileged user management and enhanced host access control;
2. Improved integration of CA Identity Manager 12.5 and CA Role & Compliance Manager 12.5
3. for more streamlined identity lifecycle management, including innovative Smart Provisioning capabilities;
4. CA DLP 12.0 with extended discovery, protection, and control of sensitive data, and new integrations to complementary solutions;
5. CA Records Manager 12.6 with additional features for information governance and content protection, as well as addressing compliance demands; and
6. CA Governance, Risk & Compliance Manager 2.5 (CA GRC Manager) with new features to further strengthen its role as the primary platform for management of IT risk and compliance information and initiatives.

“The explosion of data growth and the increase in regulations have created unprecedented security and compliance challenges for organizations,” said Dave Hansen, corporate senior vice president and general manager, CA Security Management. “CA’s Security Management and Governance technologies provide a comprehensive foundation for today’s security and compliance needs. With improved integration and process automation, our customers can better secure their IT environment in a cost-effective manner and more consistently address their internal and external compliance requirements.”

Comprehensive Privileged User Management and Access Control

Most IT organizations have privileged user accounts for their IT administrators which give them extensive access to IT systems. However, privileged access that isn’t properly controlled and may be difficult or impossible to audit can be a serious security threat.

Available today, CA Access Control 12.5 helps manage regulatory compliance by enforcing policy-based control of privileged users and controlling what system resources they can access and what they can do under specific circumstances.

New functionality in CA Access Control includes:

1. Privileged User Password Management – Helps reduce IT risk of privileged user breaches by issuing passwords on a temporary, one-time use basis, or as necessary. This also helps ease compliance processes by providing accountability of shared account access for each privileged user.
2. UNIX® Authentication Broker – Checks credentials of UNIX users via Microsoft® Active Directory®. This allows the consolidation of authentication and account information into the enterprise Active Directory instead of requiring maintenance of UNIX credentials on various systems.
3. Unified Console – Consolidates information and facilitates policy administration from a centralized Web management interface.

“Enterprises must secure sensitive applications due to the risks of data breaches, unauthorized transactions, and compliance review failures,” said Mark Diodati, senior identity and security analyst, Burton Group. “Products that manage privileged accounts, secure the operating system, and provide Active Directory authentication for UNIX systems are critical weapons in the arsenal. Enterprises want integrated ways to leverage these tools to manage the privilege lifecycle.”

Next-Generation Identity Lifecycle Management for Smart Provisioning

CA Identity Lifecycle Management is unique in how it is advancing the way organizations can manage the identity lifecycle. Improved integration of CA Role & Compliance Manager’s patent-pending analytics and policy engine with CA Identity Manager’s ability to automate provisioning processes will help customers execute Smart Provisioning. This allows them to take a proactive approach to meeting security and compliance requirements, while increasing business efficiencies.

The improved integration for Smart Provisioning will be available this quarter and will provide functionality for:

1. Preventative Compliance – Helps organizations proactively prevent business and regulatory policy violations during the provisioning process by automatically checking for policy violations, such as segregation of duties.
2. Out-of-Pattern Alerting – Issues a warning during the provisioning process when access entitlements being granted to a user are significantly different than those of his or her peers.
3. Suggested Roles – Assists in identifying appropriate roles needed by a user by comparing his or her attributes with those of his peers.

CA DLP (Data Loss Prevention)

CA DLP 12.0 addresses the insider threat by helping prevent data loss or misuse across the enterprise and with federated partners. In addition, CA DLP is identity-centric and can apply policy dynamically to end-user activity based on his or her organizational roles for content-aware identity and access management.

New functionality in CA DLP 12.0 is available today and includes:

1. Enhanced Discovery – Provides the ability to scan data locally on endpoints and to scan directly into structured ODBC databases to identify sensitive data.
2. Extended Endpoint Control – Leverages existing data protection policies to control of end-user activity such as moving data to writable CDs or DVDs, and taking a screen print of sensitive content.
3. Seamless Archive Integration – Integrates with CA Message Manager, a product in CA’s Information Governance Suite, to help deliver end-to-end message surveillance, reporting, and archiving.

The CA Security Management offerings announced today help secure both physical and virtual IT environments, while integrating with CA Enterprise Log Manager and other security event and information solutions to help streamline compliance reporting.

Information Governance

CA Records Manager 12.6, available today, is focused on helping customers reduce the complexity and costs associated with managing, controlling and discovering information necessary for compliance and litigation preparedness.

CA Records Manager 12.6 offers the following new and enhanced features:

1. Enhanced Microsoft® SharePoint® Integration – Builds policy controls for retention management and extended security directly into SharePoint.
2. Improved Automation, Proactive Rules-based Search – Enables intelligent and transparent identification, collection (when content cannot be managed in place), record declaration, and ongoing content preservation as it is created.
3. FOIA Workflow – New workflow features help government entities respond to Freedom of Information Act (FOIA) requests in a timely manner to support the renewed focus on an open government. CA Records Manager 12.6 has been verified as compliant with U.S. DoD 5015.02-STD, April 2007.

CA Records Manager was recently awarded the first paired certification for Microsoft Office SharePoint® Server 2007 on U.S. DoD 5015.2 v3 Chapters 2, 3, and 4 which includes FOIA and Classified Records. With these new certifications, CA solidifies its leadership position with the most certified pairings of any industry vendor.

Governance, Risk and Compliance

CA is also announcing the availability of CA GRC Manager 2.5, its unified platform for the management of risk and compliance activities across the enterprise. This new release includes features to help simplify and automate key compliance processes and the ability to integrate with CA Role & Compliance Manager, CA Compliance Manager for z/OS, and CA IT Client Manager.

CA GRC Manager 2.5 is available today and includes the following new functionality:

1. Automated Questionnaires – Allows customers to easily create, distribute, and analyze the results of questionnaires for risk and compliance controls assessments.
2. Robust Reporting Engine – Provides a set of pre-defined, role-based reports, as well as easily configured reports for local needs.
3. Ongoing IT Controls Monitoring – Automates input of IT controls status information into CA GRC Manager and provides a single view of overall IT risk and compliance profiles.
4. Extensions to IT Control Framework – Supports mapping between individual controls and authority documents, featuring a library of more than 400 regulations with mappings to IT controls from the Unified Compliance Framework.
5. Streamlined Management of Select FISMA Requirements –Offers a centrally managed information security system with extensive dashboards and reports, providing instant, comprehensive information about controls and processes related to Federal Information Security Management Act (FISMA) requirements.

CA Services and Support

CA also announced today new Security/Compliance rapid implementation offerings for CA DLP and CA GRC Manager. Rapid implementations are pre-packaged, fixed-price services that provide the experience, best practices and expertise that can facilitate a fast and successful implementation.

CA Support also added new Plus and Premier support tiers, providing designated engineers who can help customers optimize value from CA solutions in managing hybrid physical and virtual environments.

In addition, a new CA High Security Support offering is planned to be made available in the United States on November 17, 2009. This offering will provide extra protection for the sensitive data customers share with CA during support interactions for certain CA products, by maintaining such files in a system authorizing access only by U.S. citizens.