- 28 August 2012 17:21
SafeNet Enters the Virtual Security Market with ProtectV™
Sydney, Aust. - August 28, 2012 - Efficiency, automation, and availability are some of the key benefits of cloud computing. However, many organisations may not be able to take advantage of these benefits due to concerns with regulatory compliance and security risks such as provider access to tenant data.
As more data moves to private or public clouds, the number of super-users with access to an organisation’s data multiplies, the risk of VMs being copied without the owner knowing increases, the possibility of temporary file trails rises, and the organisation’s data is more vulnerable to being compromised. To address the data security issues and deliver control and governance of data in the cloud, SafeNet, a global leader in data protection introduces ProtectV, an encryption solution that has achieved VMware Ready™ status.
ProtectV enables virtual machines and storage volumes to be as secure as physical servers and storage in robust, secure on-premise environment. Customers can reap the full benefits of agility and cost savings by turning their virtual datacentre or cloud into a trusted environment with data governance, control and security.
SafeNet ProtectV is compatible with VMware vShield™ and VMware vCenter™. In addition, SafeNet ProtectV can be used by Amazon Web Services customers to secure their critical data in the cloud.
According to Mike Rothman of Securosis, “The flexibility and abstraction of the cloud means many privileged users can create new virtual instances or copies of virtual environments outside of the management console. They can also change access keys, add access or entitlements, or change permissions. This means that organisations don’t have the same level of control over network access and it’s easier for new virtual servers to be created out of thin air, significantly increasing the risk of data exposure. Security needs to be implemented directly within the virtualised instances, and organisations cannot rely solely on the cloud infrastructure to provide it.”
SafeNet ProtectV helps organisations address these challenges with a solution that centralises the management of encrypting VMs in AWS and VMware environments. Users can manage the policy of what VMs encrypt and who should have access and by doing so, ensuring unified security policies throughout. In this way, it is possible to enjoy the advantages of the cloud and virtualisation, while at the same time, achieving full, auditable compliance with regulations and maintaining the visibility for governance.
Complete VM Security and Data Isolation: SafeNet ProtectV provides granular, full-VM encryption, pre-launch authentication and an on-premise hardware root of trust, delivering comprehensive protection throughout the information lifecycle. ProtectV enables you to run your systems as if it was your own private datacentre, even in co-mingled or multi-tenant environments. Security teams are now able to properly isolate sensitive assets and maintain ownership of their data throughout its lifecycle.
Protection from Rogue Admins: All VMs and associated storage volumes are encrypted, from the VM instances, snapshots and backups, across locations and disaster recovery sites. Super User Admins, who may have control of the virtualisation infrastructure, cannot access the encrypted VMs.
Enforced Compliance: ProtectV provides undisputed control and proof of data governance through audit logs. ProtectV enables organisations to enforce the proper controls, present a trusted audit control regardless of where the data is hosted or stored and sustain compliance with regulations, including PCI DSS, HIPAA and HITECH.
Data Governance and Visibility: ProtectV affords cloud security visibility through a centralised policy enforcement and audit point. SafeNet provides a trusted, high assurance key management environment, delivering undisputed ownership of data and keys. As a result, organisations and their compliance auditors are assured complete control of their keys to their data and ownership with the complete logs for the necessary visibility.
Cross-Platform Key Management: Even the best encryption is meaningless without proper key management. As part of SafeNet’s data protection portfolio, SafeNet ProtectV integrates with SafeNet’s Enterprise Key Management solution, KeySecure™. KeySecure enables security teams to centrally and uniformly manage cryptographic keys across a wide variety of their organisation’s encryption platforms, streamlining key and policy administration.
SafeNet Executive Commentary: “Virtualisation and cloud computing offer tremendous benefits in cost and agility, but organisations cannot use the same security approach they use for a physical datacentre. Today, organisations have more data than ever before - more data means more threats, and some of the biggest threats are right there in the organisation. ProtectV is the first security solution for cloud and virtual datacentres that enables control, compliance and governance of critical data. By encrypting the data itself, organisations maintain control of high-value assets throughout the information lifecycle, including protecting against rogue admins, and have the ability ‘digitally shred’ data in the event of a breach, ensuring the safety of critical assets. With ProtectV, organisations achieve the same control and security level in their virtual environment as they had in their physical datacentre.” - Vince Lee, Regional Manager, Australia/New Zealand for SafeNet.
Supporting Resources: ProtectV product: http://www.safenet-inc.com/cloud/virtual-machine-security/ SafeNet Cloud Security: http://www.safenet-inc.com/cloud KeySecure product: http://www.safenet-inc.com/data-protection/key-management/key-secure/ ProtectV: Securing Sensitive Data in Virtual and Cloud Environments: http://www.safenet-inc.com/resource/ResourceRequest.aspx?ID=8589946637&resourcelang=1033 ProtectV Product Overview: VM & AWS Encryption: http://www.youtube.com/watch?v=PpvOAh-7okk Data Governance in the Cloud: http://www.youtube.com/watch?v=-jCgHR64Q1g Compliance for the Cloud: http://www.youtube.com/watch?v=AIlEA8z3N3A For more details about ProtectV VMware, please visit the VMware Solution Exchange (VSX) at https://solutionexchange.vmware.com/store/products/protectv Follow SafeNet on Twitter, Facebook , YouTube and LinkedIn
About SafeNet Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organisations around the globe. SafeNet’s data-centric approach focuses on the protection of high-value information throughout its lifecycle, from the data centre to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.
©2012 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. PB (EN)-06.01.12
VMware, VMware vCenter and VMware vShield are registered trademarks and/or trademarks of VMware, Inc. in the United States and/or other jurisdictions. The use of the word “partner” or “partnership” does not imply a legal partnership relationship between VMware and any other company.
Sign up now »
The NetIQ iSeries Security Solutions helps you eliminate security risks and maintain business continuity
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.