Vormetric Data Security Cloud Computing
Who is Vormetric? • Founded in 2001 • Purpose: • To Simplify Data Security • Customers: • 1100+ Customers Worldwide • OEM Partners: • IBM • Guardium Data Encryption • Symantec • NetBackup MSEO
Data Security Simplified • Transparent • Must be transparent to business processes, end users, and applications • Data type neutral – any data, anywhere • Efficient • SLA, User, and Application performance must remain acceptable • Encryption overhead can approach zero • Strong • Control Privileged Users access to sensitive data • Firewall your data – approved users and applications allowed, deny all others. • Integrated Key Management • Easy • Easy to Understand • Easy to Implement • Easy to Manage
Data is Everywhere • Public Cloud (AWS, Rackspace, Smart Cloud, Savvis, Terremark) • Virtual & Private Cloud (VMware, Citrix, Hyper-V) • Unstructured Data File Systems: Office documents, SharePoint, PDF, Images, Audio, etc. • Business Application Systems (SAP, PeopleSoft, Oracle Financials, In-house, CRM, eComm/eBiz, etc.) • Application Server • Remote Locations & Systems • Security & Other Systems (Event logs, Error logs, Cache, Encryption keys, & other secrets) • Security Systems • Storage & Backup Systems • SAN/NAS • Backup Systems • Data Communications • VoIP Systems • FTP/Dropbox Server • Email Servers • Structured Database Systems (SQL, Oracle, DB2, Informix, MySQL) • Database Server
Advanced Persistent Threat: Reducing the Threat Landscape • A Defense in Depth Strategy is essential to combating APT • Controls and Safeguards are intended to combat the APT at different points in its life cycle • The goal of the APT is to gain access to your most valued possession, your data • APTs are already at work on your network. The Data must be protected locally, at the point of access • Protect what Matters • Image from Secureworks.com
Transitioning to the Cloud • Database Encryption • Usage: Encrypt Tablespace, Log, and other DB files • Common Databases: Oracle, MSSQL, DB2, Sybase, Informix, MySQL… • Unstructured Data Encryption • Usage: Encrypt and Control access to any type of data used by LUW server • Common Data Types: Logs, Reports, Images, ETL, Audio/Video Recordings, Documents, Big Data… • Examples: FileNet, Documentum, Nice, Hadoop, Home Grown, etc… • Cloud Encryption • Usage: Encrypt and Control Access to data used by Cloud Instances • Common Cloud Providers: Amazon EC2, Rackspace, MS Azure, Savvis, Terremark, AT&T, SoftLayer +++
Vormetric Data Security • What is it? • Integrated solution that controls access to data… • What does it do? • Controls what users and processes can access data • Enforces access controls with encryption of any type of data transparently • Provides security intelligence around your data
Transitioning to the Cloud • Data Encryption • Encrypts file system and volume data transparently to: • Applications • Databases • Storage Infrastructure • Integrated Key Management • High Efficiency Encryption • Data Firewall • Need to know access to data, based on approved behavior. • Separate data access from data management for system privileged users • Security Intelligence • Rich event driven audit logs for approved and denied attempts to sensitive data • Multiple reporting options to enable actionable security intelligence • More than just audit reports – prove data is protected
Locking down the CSP Admin Policy ≈ Firewall Rules Rules have Criteria and Effects Criteria • User/Group, Process, Data Location, Type of I/O, Time Effects • Permission: Permit or Deny • Encryption Key: Yes or No • Audit: Yes or No The Rules of a policy work like a firewall rule engine • Receive criteria from request. • Try to match Criteria to Rules. Start at the top. • On first match apply the associated Effect. • If no match, then deny
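The first-match, default-deny evaluation described on this slide, as an added sketch that is not Vormetric's code or policy syntax. The class names, field names, paths and the sample policy are hypothetical; the backup rule assumes that "Encryption Key: No" means a permitted request sees only ciphertext.

```python
from dataclasses import dataclass
from fnmatch import fnmatch
from typing import Optional

@dataclass(frozen=True)
class Request:
    user: str
    process: str   # path of the executable making the request
    path: str      # data location being accessed
    io: str        # type of I/O: "read" or "write"
    hour: int      # 0-23, time of the request

@dataclass(frozen=True)
class Rule:
    # Criteria (None means "any"); all names here are hypothetical.
    user: Optional[str] = None
    process: Optional[str] = None    # glob over the executable path
    path: Optional[str] = None       # glob over the data location
    io: Optional[frozenset] = None
    hours: Optional[range] = None
    # Effects
    permit: bool = False
    apply_key: bool = False          # True: data is decrypted for the caller
    audit: bool = True

    def matches(self, r: Request) -> bool:
        return ((self.user is None or self.user == r.user)
                and (self.process is None or fnmatch(r.process, self.process))
                and (self.path is None or fnmatch(r.path, self.path))
                and (self.io is None or r.io in self.io)
                and (self.hours is None or r.hour in self.hours))

# Effect applied when no rule matches: deny, no key, audited.
DEFAULT_DENY = Rule(permit=False, apply_key=False, audit=True)

def evaluate(policy, request):
    """Walk the rules top to bottom and return the first match, else deny."""
    for rule in policy:
        if rule.matches(request):
            return rule
    return DEFAULT_DENY

# Constructed sample policy: the database process gets cleartext, while the
# root-run backup job may read during its window but receives no key.
POLICY = [
    Rule(user="oracle", process="*/oracle", path="/data/db/*",
         io=frozenset({"read", "write"}), permit=True, apply_key=True, audit=False),
    Rule(user="root", process="*/backup", path="/data/db/*",
         io=frozenset({"read"}), hours=range(1, 5), permit=True, apply_key=False),
]
```

Because evaluation stops at the first match, narrow rules belong above broad ones, and any request the policy does not explicitly describe ends at the audited deny.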
Vormetric Data Security: Single Pane of Glass • Traditional Infrastructure • Cloud Computing (AWS, Rackspace, Savvis…) • Data Security Manager • Unstructured • Unstructured • Vormetric Vault • Database • Database
Vormetric Data Security Product Suite • Vormetric Encryption • Purpose: Transparent Data Encryption and Access Control of structured and unstructured data • Use Cases: Database Encryption, File Encryption, Privileged User Data Management • Vormetric Key Management • Purpose: Key Management for other Encryption platforms • Use Cases: Application Encryption, TDE Key Management • Vormetric Vault • Purpose: Securely store and report on Security Materials • Use Cases: Key Vaulting, Certificate Vaulting, Vaulting of other Security materials. • Vormetric Toolkit • Purpose: Automate and accelerate deployment • Use Cases: Cloud Providers, Enterprise Deployments
Technical Benefits • Transparent • No changes required to Database, Application or Storage • Data type neutral – any data type • Efficient • SLA, User, and Application performance are maintained • Encryption overhead is minimal • Rapid Deployment • Strong • System privileged users can be restricted from accessing sensitive data • Firewall your data – approved users and applications allowed, deny all others. • Integrated Key Management • Easy • Easy to Understand • Easy to Implement • Easy to Manage
Vormetric Data Security Protect what matters Jeff Sherman Regional Sales Manager Bill Goodman Sales Engineer