#MicroFocusCyberSummit
SecureData Sentry Accelerate your migration to cloud workloads Alistair Rigg & Phil Sewell #MicroFocusCyberSummit
Enterprise Cloud Trends and Risks Cloud Trends Security Risks and Concerns An average of Cloud is the 27 #1 target for security spend increase by different cloud apps and services Chief Security Officers 2 are used by an enterprise 1 1: The 2018 Global Cloud Data Security Study, by Ponemon Institute LLC, 2018 2: 2017 Security Priorities, survey of Chief Security Officers, IDG, 2017
But Data Protection Must Not Hinder: Spinning up cloud workloads at the speed your business demands Adopting XaaS IT solutions for hybrid computing opex economies Accessing data for business processes and analytics
Solution: Use De-identified Data in the Cloud First name: Kijx Protect “de - identified” data at global scale Last name: Yöecä Company: aICb Transfer protected/ingested data to the cloud Maintain real-world value, control – usability First name: John Last name: Smith Eliminate the need to decrypt or use live data Company: ACME Micro Focus Confidential
Top Data Security Challenges in the Cloud Platform Gaps in controls Compliance Multi-tenancy concerns IaaS PaaS PaaS SaaS SaaS IaaS × Lack of control × Insider threats, × Lack of protection × Stricter legislation, over platform malicious code in a across multi-cloud GDPR, HIPAA shared environment and on-premises × Data residency Cloud customers need a data-centric approach for cloud data protection 6
Voltage SecureData: End-to-End Security in the Cloud End-to-End Meets Platform Neutralizes Coverage Compliance agnostic threats IaaS PaaS PaaS SaaS SaaS IaaS Data unusable for Protection Data protected Encrypted data attacker/ insider embedded into in-transit, in-use, may not trigger the data itself at rest penalties De-identified data provides end-to-end protection, across hybrid environments, accelerating DevOps 7
Voltage SecureData Platform Voltage Stateless Key Management Quick time-to-value Complete end-to-end protection within a common No key database to store, manage or compromise approach to deploying Voltage data protection across endpoints High performance and scalability for modern IT Format-preservation maintains transparency, usability Encryption and tokenization technologies Sentry accelerates deployment with non-disruption Customize solutions to meet exact requirements and regulatory mandates (e.g., PCI, anonymization) Atalla HSM Voltage SecureData Broad platform support Voltage SecureData Management Console Consistency from on-premises to hybrid cloud Structured and unstructured data coverage Agnostic for Linux, Hadoop, Windows, AWS, IBM API z/OS, HPE NonStop, Vertica, Teradata, etc. support Voltage Voltage Voltage Voltage Voltage SecureData SecureData SecureData SecureData SecureData Web Services API Command Lines native APIs File Processor Sentry (REST, SOAP) & Automated (C, Java, C#, .NET) File Parsers 8
Voltage SecureData Cloud: Data-centric Cloud Protection SecureData management infrastructure running natively in cloud-hosted environments Deployed directly within Azure and AWS Accelerates adopting new business models – spin up DevOps with data protection Innovate more easily and accelerate time to value, combined with SecureData Sentry Native protection on AWS with SecureData Cloud for AWS – reduces opex on-premises 9
Voltage SecureData – Data Security Platform Atalla HSM Authentication & Voltage authorization sources Voltage SecureData SecureData (e.g. active directory) Management Console iOS and Android Volume Key Voltage Voltage Voltage Voltage SecureData Voltage SecureData Voltage SecureData Partner Voltage Payment devices Management SecureData SecureData SecureData File Processor Native UDFs z/Protect, z/FPE integrations SecureData terminals Web Services API Command Lines & native APIs Sentry (REST, SOAP) Automated File (C, Java, C#, .NET) Parsers Policy controlled data protection and masking services & clients Business applications, data stores and processes Mobile apps Volumes and Enterprise Production ETL & data 3rd party Teradata, Voltage Mainframe Network Web/cloud SaaS apps Payment storage applications databases integration applications Hadoop & Nonstop applications & Interceptors applications systems suites Vertica Applications & databases (AWS, Azure) Databases 10
Voltage SecureData – Data Security Platform Atalla HSM Authentication & Voltage authorization sources Voltage SecureData SecureData (e.g. active directory) Management Console iOS and Android Volume Key Voltage Voltage Voltage Voltage SecureData Voltage SecureData Voltage SecureData Partner Voltage Payment devices Management SecureData SecureData SecureData File Processor Native UDFs z/Protect, z/FPE integrations SecureData terminals Web Services API Command Lines & native APIs Sentry (REST, SOAP) Automated File (C, Java, C#, .NET) Parsers Policy controlled data protection and masking services & clients Business applications, data stores and processes Mobile apps Volumes and Enterprise Production ETL & data 3rd party Teradata, Voltage Mainframe Network Web/cloud SaaS apps Payment storage applications databases integration applications Hadoop & Nonstop applications & Interceptors applications systems suites Vertica Applications & databases (AWS, Azure) Databases 11
Platform Support and Design Fundamentals: Securing Cloud Workloads Corporate Protect on-premises and Data Center Amazon deploy protected data to Web Services Voltage Voltage the cloud Servers Servers and / or Windows Azure Enable protect & access within compute workloads Name SSN Credit Card # James Potter 385-12-1199 3712 4567 8901 1001 Ryan Johnson 857-64-4190 5587 0806 2212 0139 Compute Deploy Voltage Servers Carrie Young 761-58-6733 5348 9261 0695 2829 Brent Warner 604-41-6687 4929 4358 7398 4379 into AWS and Azure * Name SS# Credit Card # Anna Berman 416-03-4226 4556 2525 1285 1830 James Potter 385-12-1199 37123 456789 01001 Ryan Johnson 857-64-4190 5587 0806 2212 0139 Plan for containerization Carrie Young 761-58-6733 5348 9261 0695 2829 Brent Warner 604-41-6687 4929 4358 7398 4379 Name SS# Credit Card # Anna Berman 416-03-4226 4556 2525 1285 1830 of Voltage Servers Kwfdv Cqvzgk 161-82-1292 3712 3486 3545 1001 Veks Iounrfo 200-79-7127 5587 0856 7634 0139 Data Pdnme Wntob 095-52-8683 5348 9209 2367 2829 opening up other cloud Eskfw Gzhqlv 178-17-8353 4929 4333 0934 4379 opportunities, incl. Jsfk Tbluhm 525-25-2125 4556 2545 6223 1830 Google Cloud Salesforce SecureData Sentry Google SaaS data protection with Microsoft Cloud Platform Voltage SecureData Sentry Dynamics CRM
Voltage SecureData Sentry Addresses CISO Concerns Simplifies Accelerates Lowers Cost Centralizes Deployment Time-to-Value of Compliance Control (Non-Disruptive) (High ROI) (Transparent) (Comprehensive)
What is Voltage SecureData Sentry? Data privacy & security Secure analytics, privacy and Hybrid cloud data protection & compliance & risk reduction pseudonymization collaboration Voltage Voltage SecureData SecureData Sentry + Enterprise, Big Data, Cloud, Mobile Transparent Integration for and Payments data security - Cloud SaaS, Enterprise and Tokenization, encryption, masking COTS apps
SecureData Sentry – Data Security for the Cloud Phone Number +49 (162) 4297109 ALM Octane Microsoft Salesforce Dynamics CRM ALM/QC
SecureData Sentry – Data Security for the Cloud Phone Number +49 (162) 4297109 Voltage SecureData Sentry Microsoft Salesforce Dynamics CRM Format-Preserving +49 (162) 8753 109 ALM/QC
Demo Example: Salesforce 17
Demo Example: Salesforce 18
Supported Application Examples ALM Octane Oracle Service Cloud ALM/Quality Center SharePoint 2013 and later Salesforce Classic SAP Hybris Cloud4Customer Salesforce Lightning ServiceNow Salesforce Health Cloud Symantec Endpoint Protection Cloud Salesforce Financial Services Cloud BMC Remedyforce Office 365 Nimonik SugarCRM Fortinet Analyzer Microsoft Dynamics 365 And many, many more… Fortinet Microsoft Salesforce SAP Hybris 19
Voltage SecureData Sentry Technologies Multi-Channel Protection Protection Mechanisms: Protocols and APIs: HTTP / HTTPS REST Format Preserving Encryption (FPE) SMTP SOAP Format Preserving Hashing (FPH) SecureData ICAP / ICAP-S JDBC Sentry Secure Stateless Tokenization (SST) ODBC Identity Based Signature/Encryption (AES) custom and binary protocols ... Key Management: Content: PDF Stateless Key Management HTML DOCX HTML5 GZIP XML Additional Features: XLSX JSON Escaping, e.g. °¿1°kHy7h¿° CSV
Integration with the Voltage SecureData Simple API Management Console Key Servers Atalla HSMs ssnfpe.protect(SSN) ssnfpe.access(SSNe) Web Form Web Application Databases Logs, Reports, Customer Service (Java / Linux) and Backups Application (Windows .NET) SSN: 022-37-2773 SSN: 734-81-9292 SSN: 734-81-9292 SSN: 734-81-9292 SSN: 022-37-2773
Recommend
More recommend