April 15, 2013

EMC at Merge 2013: Castles in the Air Need Secure Foundations

MERGE User Conference

emc logoSecurity often mirrors version management's goals of traceability, reproducibility, and auditability. Why, then, is it too often pushed down the priority list? One common reason is that SCM admins just don’t have the background to quickly understand security goals and impact. In her Merge 2013 talk, Stephanie Woiciechowski, principal software engineer for EMC's product security office, aims to bridge that knowledge gap, making security easier for all teams to understand and implement.

Cloud or no, one can no longer assume private corporate networks are safe, according to Stephanie. In her talk, "Source Code Protection: Evaluating Source Code Security," she reveals how EMC, a global leader in cloud-based IT services, has adapted to this new reality by shifting focus to in-depth defense of internal systems that hold product code, protecting both intellectual property and customer interests. Conference attendees will get a high-level view of EMC's best-of-breed process improvements, its standard product security policy, and how it assesses internal compliance via an enterprise governance, risk and compliance (eGRC) system.

A little security knowledge for the average SCM admin or developer can go a long way towards supporting organizational security goals and having good security dialogues. Above all, says Stephanie, “If you have built castles in the air, your work need not be lost; that is where they should be. Now put the foundations under them.”

Hear Stephanie’s and other Perforce stories at Merge 2013, The Perforce Conference, April 24-26 in San Francisco.