Embed Size (px)
DESCRIPTION
Citation preview
www.Vormetric.com
Defend the Core: Protecting Business Critical
Data
BRUCE JOHNSONVP Worldwide Sales & Services
Data is Everywhere
Remote Locations & Systems
vvUnstructured Data
File SystemsOffice documents,
PDF, Vision, Audio & other
Fax/Print ServersFile Servers
Storage & Backup Systems
SAN/NASBackup Systems
Data Communications
VoIP SystemsFTP/Dropbox Server
Email Servers
Business Application Systems
(SAP, PeopleSoft, Oracle Financials, In-house, CRM,
eComm/eBiz, etc.)Application Server
Security & Other Systems
(Event logs, Error logsCache, Encryption keys,
& other secrets)Security Systems
Structured DataDatabase Systems
(SQL, Oracle, DB2, Informix, MySQL)Database Server
!Data exists in different formats, states, and locations.Traditional Controls are not designed to secure it.
Virtual &
Cloud
Data Security Drivers
Are we Compliant?PCI DSS, HIPAA/HITECH, SOXUK Data Protection Act & EU Data Protection DirectiveExecutive mandates to avoid unwanted media headlines
Are we Secure?How can I protect my data?Who is accessing my data?What are my privileged users doing?
Are IT Operations Optimized?Disruption of existing IT infrastructure is painfulRe-architecting applications or storage is expensiveSimplify security operations to minimize costs
Drivers for Encryption
Compliance to regulationsPCI, HITECH, State PII laws, EU laws, Int’l Laws
Customer or executive mandatesIncreasing customer contractual demands to encrypt data
Limit or reduce personnel allowed to access sensitive data
Executive mandating encryption for safe harbor or to avoid breach notification
Better Defense and Depth Data SecurityProtect against threats that can cause a breach
Transformational technologyProtect data in Physical, Virtualized and Cloud environments
VORMETRIC
About Vormetric
Founded in 2001
Purpose: To Simplify Data Security
Customers:1000+ Customers Worldwide, 16 of the Fortune 25
Technology Partners:IBM – Guardium Data Encryption
Symantec – NetBackup MSEO
Example Strategic RelationshipsIntel
Imperva
Market Challenges We See
Too many encryption products
I have to Implement quickly“I have a pending audit, how can I secure data quickly?”
Performance Is Critical“Performance of our existing solution is not what we had hoped, how can we secure our sensitive data with minimal overhead?”
Keys are Everywhere“I am starting to get overwhelmed with key management, is there something that can help me manage them centrally?”
I have 3 different solutions for 3 different platforms and now I am introducing another platform, how can I protect sensitive data with just one solution?
“
“i
Data Security Simplified
TransparentMust be transparent to business processes, end users, and applications
Data type neutral – any data, anywhere
StrongPrivileged users should not have access to sensitive data
Firewall your data – approved users and applications allowed, deny all others.
EfficientSLA, User, and Application performance must remain acceptable
Encryption overhead can approach zero
EasyEasy to Understand
Easy to Implement
Easy to Manage
Protect Server Data
DAS SAN NAS VM CLOUD
Log FilesPassword filesConfig FilesArchive
File ShareArchiveContentMulti Needs
Data FilesTransaction LogsExportsBackup
IIS APACHE WebLogic
DB2 Oracle SQL Sybase MySQL
File Servers FTP Servers Email Servers Others
Log FilesPassword filesConfig filesArchive
ERP CRM Payment CMS Custom Apps
Server Tier
Data Tier
Application Tier
Storage Tier
Internet
Operating System
Database
Applications
Data
Network Security Layers of Defense
FirewallIDS / IPSContent filtering
DLPIAM
DAM
WAF
Data Security Layers of Defense Encryptio
n
Encryption
Layered Enterprise Security
Server Tier
Data Tier
Application Tier
Storage Tier
Data Security Layers of Defense
Network Security Layers of Defense
FirewallIDS / IPSContent filtering
DLPIAM
Imperva+Vormetric Protect Your Data
Database
Applications
Data
Operating System
Internet
Vormetric
Database file encryption, OS-level audit & access
controls
Encryption key management
Imperva
Awareness of Database users & rights
Database Activity audit & access controls
Database
Applications
Users
Data
Layered Database Security Solution
Operating System
Imperva and Vormetric Threat Coverage
Typical Threats:Unauthorized access to sensitive database data
Typical Threats:Unauthorized system access to data, mitigate risk of lost media (server, disk)
Vormetric
Imperva
Database
Applications
Users
Data
Operating System
Imperva + Vormetric
Imperva SecureSphere Data Security Suite: Protect high-value business databases in the data center
Audit and monitor user access to sensitive data across heterogeneous database platforms
Generate alerts or block access when prohibited or anomalous database access occurs
Advanced analytics and reporting to accelerate incident response and forensic investigation
Vormetric Data Security: Encrypt, audit and control access to sensitive data files
Transparent encryption of structured (database) and unstructured data
Physical, virtual and cloud environments
Integrated encryption key management and management for Transparent Data Encryption keys
Protect against external threats (hackers with user credentials) and most internal threats (IT admins, etc)
Use Cases
Business Use Cases
Data Base Encryption
From Standalone DB Instances, to Clustered Database Environments
Oracle, MSSQL, DB2, Sybase, Informix, MySQL, Postgres
Big Data and NoSQL Big Data Typically Use Unstructured Data Stores, Distributed Across Many Hosts MongoDB, Hadoop, Cloudera, CouchDB
UnStructured Data – Application Servers Supporting Data for Application Specific Data
Logs, Reports, Exports,
Audio/Video Recordings
Document Management Documents, Files, etc.
Common Vendors: Documentum, SharePoint, FileNet…
Four Common Use Cases
Fortune 500 Medical Devices: Protects SAP Data without Oracle/Solaris changes
Business ProblemGlobal Compliance
PII, PHI, EU Data Protection, UK Data Protection, US HIPAA/HITECH
Executive Mandate for total data protection for all SAP data
Technical RequirementTransparent protection without changes to Solaris OS, Oracle DB or apps
No changes to SAP Infrastructure investment
Solutions DeliveredImperva SecureSphere Database Activity Monitoring
Vormetric Encryption to encrypt data at rest
Results AchievedPolicy driven Security
Complete data protection satisfies multiple compliance initiatives
Forensic audit data for platforms and data
Fortune 500 Financial Services: Protects Data at Rest and Manages Access
Business ProblemBasel II & US banking regulations
EU Data Privacy and data across bordersEnterprise centralized datacenters to conserve costs but needed to ensure users only accessing data for their specific country
Technical RequirementsHeterogeneous database security including DB2, Oracle, Microsoft SQL Server with multiple versions of the same database
Protecting information at rest and managing privileged usersEnsuring database procedures only executed by right user for right tables.
Solutions DeliveredImperva SecureSphere Database Activity Monitoring (DAM)
Vormetric Encryption
Results AchievedCompliance with global banking regulations and EU privacy requirements
Operational efficiency with consistent security posture across heterogenous database environment.
SUMMARY
Vormetric + Imperva Combined Value
Robust Security: Ensures privileged users do not access to sensitive data
Transparent: No disruptions to business operations
No changes to applications, databases, storage
Near zero performance impact
Manageable: Minimize costs and maximize ROI by protecting and auditing heterogeneous database environments
Quick: Rapid deployment without disrupting existing environments
www.Vormetric.com
Thank You
www.vormetric.com@Vormetric
