With security and compliance becoming a major concern for virtually all organizations, Dell EMC’s interrelated set of product security programs ensure that Dell EMC products are built with security in mind. We apply best practices at every stage of the Dell EMC development lifecycle as well as in the post-release response process.
Dell EMC has established a comprehensive approach to secure software development that goes across policy, people, processes, and technology.
Standardized Product Security
Dell EMC’s internal product security standard—the Dell EMC product security policy—is a common reference for Dell EMC product organizations to benchmark product security against market expectations and industry best practices.
Security-aware Engineering Community
Dell EMC offers a security engineering curriculum to train new and existing engineers on job-specific security best practices and how to use relevant resources. Dell EMC strives to create a security-aware culture across its entire engineering community.
Repeatable, Secure Development Process
Dell EMC’s security development lifecycle overlays security on standard development processes to achieve a high degree of compliance with the Dell EMC product security policy. The Dell EMC security development lifecycle follows a rigorous approach to secure product development that involves executive-level risk management before our products are shipped to market.
Dell EMC has built in security capabilities across its product suite utilizing best-in-class security technology for authentication, authorization, accountability, encryption, and key management. These capabilities ensure that Dell EMC offering can seamlessly integrate with customer environments and help customers meet their security objectives and compliance requirements.
• Dell EMC Isilon OneFS – describes identity management, authentication, and access control play in the security system of the Dell EMC Isilon OneFS operating system.
• Dell EMC XtremIO - introduces XtremIO Data at Rest Encryption and explains how it handles the challenges of protecting data, without impacting performance or other services that are provided by the XtremIO All-Flash Array.
• Dell EMC SC Series - building a secure Dell EMC™ SC Series storage area network (SAN) with operational environment best practices and self-encrypting drives.
• Dell EMC VxRail - resilient hyperconverged infrastructure system that protects vSphere®-based virtual environments.
• Dell EMC VxBlock Systems - delivers turnkey SAN-based solutions for mission-critical workloads
• Security Configuration Guides (log in required to access content) - To help customers adapt Dell EMC products to their organizations’ unique usage requirements, describing product security settings and proper deployment procedures.
Dell EMC is a member of the Forum of Incident Response and Security Teams (FIRST), a set of computer incident response teams that handle computer security incidents and promote incident prevention. FIRST members share technical information, tools, and best practices
Dell EMC cofounded the Software Assurance Forum for Excellence in Code (SAFECode) to increase trust in information technology (IT) by advancing software assurance. SAFECode is an industry effort to promote best practices for the development of secure products.
Dell EMC is a member of the Information Security (InfoSec) Committee of TechAmerica, The Committee leads improvements in the security of the nation's information infrastructure through cooperation between industry and government.