This is an excerpt of Vormetric’s Encryption Architecture Overview Whitepaper: Protecting Enterprise Data at Rest with Encryption, Access Controls and Auditing
More on the subject: www.vormetric.com/datasecurity82
This Vormetric whitepaper discusses data security threats and related incidents, such as security breaches, which can be harmful to any organization operating online. It then goes on to explain the real risks to enterprise data and how to make encryption successful. The whitepaper also discusses Vormetric Encryption, which is a comprehensive solution for key management and encryption of data at rest. The whitepaper on Vormetric Encryption Architecture gives a brief introduction to the two most important components of Vormetric Encryption, i.e., the Data Security Manager and the Encryption Expert Agents.
According to the whitepaper, some of the advantages of using the Vormetric Encryption solution are:
• Encryption and Access Controls
• Transparent Implementation
• High Performance
• Centralized Key and Policy Management
• Strong Separation of Duties
• Role-Based Administration and Domains
• Scalability
• Distributed IT Environments
• High Availability
• Fine-Grained Auditing
2. Data is Your Business
Data security breaches are harmful to any organization of any size.
3. Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.
2012 DATA BREACH INVESTIGATION REPORT
A study conducted by the Verizon RISK Team with cooperation from global policing agencies.
[Chart; labels: People, Devices, Servers; values shown: 34%, 35%, 94%]
4. Protect private and confidential info.
Global Compliance
• PCI DSS
• HITECH Act
• UK Data Protection Act
• South Korea’s PIPA
• And more …
Server Defense-in-Depth Controls
5. Data is Everywhere
Unstructured data
File Systems
Office documents, PDF, Vision, Audio & other
Fax/Print Servers
File Servers
Business Application Systems (SAP, PeopleSoft, Oracle Financials, In-house, CRM, eComm/eBiz, etc.)
Application Server
Remote locations & systems
Storage & Backup Systems
SAN/NAS
Backup Systems
Data Communications
VoIP Systems
FTP/Dropbox Server
Email Servers
Structured data
Database Systems (SQL, Oracle, DB2, Informix, MySQL)
Database Server
Security & Other Systems (Event logs, Error logs, Cache, Encryption keys, & other secrets)
Security Systems
Data exists in different formats, states, and locations. Traditional controls are not designed to secure it.
6. Data Security Simplified
Transparent
• Must be transparent to business processes, end users, and applications
• Data type neutral – any data, anywhere
Strong
• Privileged users should not have access to sensitive data
• Firewall your data – approved users and applications allowed, deny all others.
Efficient
• SLA, User, and Application performance must remain acceptable
• Encryption overhead can approach zero
Easy
• Easy to Understand
• Easy to Implement
• Easy to Manage
7. Vormetric Data Security
Encryption Agent
Unstructured
Encryption Agent
Database
SQL Server 2008 / 2012 TDE
Key Agent
Oracle 11gR2 TDE
Key Agent
Data Security Manager
Vormetric Key Vault
Vormetric Encryption
Vormetric Key Management
8. Vormetric Encryption Architecture
Users
Application
Database
OS
File System
SAN, NAS, DAS
Storage
FS Agent
Policy is used to restrict access to sensitive data by user and process information provided by the OS.
SSL/TLS
9. Protect Server Data
DAS SAN NAS VM CLOUD
Log Files
Password files
Config Files
Archive
File Share
Archive
Content
Multi Needs
Data Files
Transaction Logs
Exports
Backup
IIS APACHE WebLogic
DB2 Oracle SQL Sybase MySQL
File Servers FTP Servers Email Servers Others
Log Files
Password files
Config files
Archive
ERP CRM Payment CMS Custom Apps
10. We Secure The Data That Runs Your Business