Current Threat: Compliance with regulations and standards such as HIPAA, SOX and PCI; data privacy breaches and liabilities; and keeping out of headlines are the key drivers for storage security. There is an increasing sense of urgency among businesses to deploy storage encryption to secure sensitive corporate and customer data.Given the high costs of security breaches, many companies have recognized that they must do more than just secure their data at rest; they must also secure the keys that encrypt the data. At the same time, the increased challenges in managing disparate key management systems lead to the need for consolidating the management of keys for data at rest. As hackers and cyber-criminals find more sophisticated ways to circumvent corporate security mechanisms, it's clear that just encrypting data isn't enough. With access to a company's encryption keys, cyber-thieves can do irreparable damage to a company's reputation and brand and its customers’ identities.
NeoScale’s purpose-built appliances provide transparent, wire-speed protection of stored data regardless of application, transport, media type or location. We deliver the industry’s only consistent encryption methodology, security and automation across open systems and mainframe tape environments. Recently, we have announced our visionary approach to encryption key management. As an alternative to vendor-specific key management solutions, NeoScale promotes the use of a key management service network that connects multiple key managers and encryption endpoints such as tape, disk devices, and backup applications. These key managers and encryption endpoints communicate using standard protocols to deliver unified multi-vendor key management services. Encryption endpoints plugged into the key management service network can take advantage of services including:
Consistent key policy administration, such as re-keying and retention policies
Flexible policies that can manage vendor-specific encryption attributes for a given endpoint
Automated key lifecycle management from key creation through deletion
Secure key sharing, for inter-organizational information sharing among authorized parties
Secure, hardened key archiving
Centralized key auditing, to meet compliance obligations
This model benefits customers by ensuring business continuity, increasing data security, and automating key management processes to maximize productivity when sharing sensitive information across the extended enterprise. It also exemplifies our continuing innovation for building secure, automated, open, and interoperable solutions to help customers achieve compliance, secure sensitive data, and stay out of headlines without significant forklift or investment.
Conclusion: Global key management provides effective, centralized, and scalable management of all keys throughout the enterprise, no matter the encryption endpoint and no matter how large the network. The investment in key management is minimal compared to the staggering costs of a breach.
NeoScale Systems, Inc.
1655 McCarthy Blvd,
Milpitas, CA USA
Tel: 1 408 473-1300
Download the document
From Info Security Products Guide site: CLICK HERE