SafeNet Theatre Presentation

Download Report

Transcript SafeNet Theatre Presentation

Dell Compellent and SafeNet KeySecure

2

SafeNet: What We Do

Trusted to protect the world’s most sensitive data for the world’s most trusted brands.

We protect the most money that moves in the world, $1 trillion daily.

We protect the most digital identities in the world.

We protect the most classified information in the world.

FOUNDED

1983

REVENUE

340m

EMPLOYEES

1,500+

In 25 countries OWNERSHIP

Private

GLOBAL FOOTPRINT

25,000+

Customers in 100 countries ACCREDITED Products certified to the highest security standard 2

3

Why Data at Rest Encryption?

Secures data wherever it resides

• Data remains secured both in and out of the data center • Secures data in event of drive, array or Storage Center system theft • Protect intellectual property and digital assets from unauthorized access

Full data control

• Only authorized users with appropriate keys have access. • • • Key loss or deletion renders data permanently unreadable. Keys never appear in the clear on outside networks Log and audit user access to IP

Compliance

• • • PCI-DSS, HIPAA, Basel II, 46+ State Laws, European Union requirements Regulatory violations bring financial and legal penalties Proactive security and reputation preservation have compelling ROI

4

Dell Compellent Self-encrypting Drives (SED)

Secures data against

– lost, transported or stolen drives – theft of entire array – theft an entire Storage Center system •

100% unrecoverable keys

– Key loss means data loss. No back door to access data on stolen drives •

Removed or stolen drives are automatically locked

– – Even if platters are placed on a spin stand, data is secure Keys are secure and never passed in the clear on outside networks •

Robust encryption and security

– Secured using 256-bit AES encryption – Option to operate in non-SED mode without system impact – FIPS 140-2 Level 2 security •

Instant cryptographic erase

– Delete keys to decommissioned drives to render data unreadable – Cryptographically erase data on individual drive basis 4

5

SafeNet KeySecure

Enterprise Key Management • • • •

Each SED contains its own encryption key. How do you effectively manage an entire datacenter?

Centralized key management

– – – – Store, manage, generate, distribute, rotate, back up, activate, deactivate, and destroy keys Up to 1 million keys per cluster High assurance level Geographically dispersed operations

Standard-based approach: OASIS KMIP

– – – Manage keys for: Dell Full Disk Encryption Other supported 3rd party KMIP-based solutions Supports key management for cloud solutions

Hardware encryption key storage

– Maintain encryption keys in SafeNet Luna SA (HSM) and PCI Card

World Class Support Services

– 7x24x365 Support offerings available

k150

25,000 max keys 100 max concurrent clients FIPS 140-2 Level 1

k460

1,000,000 max keys 1,000 max concurrent clients FIPS 140-2 Level 3 5

6

KeySecure manages keys for many vendors

Key Benefits

7 •

Centralize Encryption Key Management

– Unify key management (e.g. key generation, escrow, recovery) for all Compellent self-encrypting drives and other KMIP compatible solutions in SafeNet’s partner ecosystem behind an intuitive graphical user interface.

Multi-Tenant Data Isolation

– Share storage resources while securing data by business policy to segregate data for multiple departments, business units, or customers.

High Availability Configurations

– Cluster appliances to maintain encrypted data availability in geographically dispersed data centers.

Separation of duties.

– Segment key ownership and management based on individuals or by group owners to protect sensitive material against unauthorized access from staff.

Auditing and Logging

– Detailed logs can be used by SIEM reporting tools such as IBM QRadar, Splunk and others for improved day-to-day operations management and easier compliance reporting .

8

KeySecure Summary

Security Performance Flexibility Manageability

• Hardware-based, centralized key and policy management • FIPS/CC certified solution • Authentication and authorization • Low and high performance models (k460, k250, k150, k150v) • Models matched to performance requirements • Efficient backup/restore capabilities, local encryption option • Support for heterogeneous environments (app, db, file) • Support for open standards and APIs and stress KMIP • Range of enterprise deployment models • Intuitive, easy-to-use administration • Separation of duties • Centralized policy management

Availability

• Enterprise clustering and replication • Load balancing, health checking, and failover • Geographically distributed redundancy

9

Questions?

Blair Semple

Director Business Development [email protected]

For more information visit: http://www.safenet-inc.com/partners/dell