Presentation on theme: "3LG SecureTech 1 Agenda 3LG SecureTech Overview Introduction The SecureTech Technology Mission Data Usage Models SecureTech Database Engineering Solution."— Presentation transcript:
3LG SecureTech 1 Agenda 3LG SecureTech Overview Introduction The SecureTech Technology Mission Data Usage Models SecureTech Database Engineering Solution Business Use Case SecureTech Database Demonstration Copyright SecureTech2, Inc., 2011
3LG SecureTech 2 Vision 3LG SecureTech Overview Copyright SecureTech2, Inc., 2011 worlds mostSecureSmallestFastest Database for laptop or desktop SecureTech
3LG SecureTech 3 Existing Data Usage Market data Users: business analysts executives managers The industry has focused on a centralized model where the data is aggregated from operational databases into a powerful and expensive analytic server that is shared by all users over the internet. IBM ORACLE HP Big Data Hadoop Analytic appliances Specialized server configurations Specialized database types 3LG SecureTech Overview Copyright SecureTech2, Inc., 2011
3LG SecureTech 4 SecureTech End Point User Model data Users: business analysts executives managers SecureTech does it differently. It aggregates the data on a standard server and then delivers data to the users desktop/laptop/ipad directly. Only the Data the individual user needs. The user executes database functions on their own, end point machine without the interference, delays, and performance problems of a shared model. SecureTech B No specialized hardware or software data 3LG SecureTech Overview Copyright SecureTech2, Inc., 2011
3LG SecureTech 5 Problems with Solution Models Problem Big Data End Point Data Availability due to loading periods X solved due to network problems X solved Performance bottlenecks due to complex queries X solved due to congestion X solved Data security solved Auditing user access X solved Data exposure through end user replication X solved 3LG SecureTech Overview Copyright SecureTech2, Inc., 2011
3LG SecureTech Architecture SecureTech Architecture Query Clients Before Before SecureTech With With SecureTech Query Servers And Data Marts Database Server or Data Warehouse DB Loader/ Compressor
3LG SecureTech Why SecureTech is Unique Most Secure Database for the PC o o Security o o Size/Compression o o Speed/Compression o o Encryption o o Audit o o Destruction
3LG SecureTech Most Secure Database for the PC Security Size/ Compression Speed/ Compression Patented database compression renders data storage unintelligible – read-only compressed database is additionally encrypted for most secure desktop database – more secure than transaction architecture databases Individual data columns compressed 6 – 20 times based on their data structures and cardinality Dont assume this is really the same for all solutions – yes, the performance tradeoff is still there for the databases you own today – But there is no tradeoff with the patented SecureTech solution
3LG SecureTech Most Secure Database for the PC Encryption Audit Self- Destruction With SecureTech database compression maximizes cipher strength protection for secured data sharing and transit Automates data compliance reporting of Who, When and How your data is being used Automatically enforced and non-recoverable is most cost effective method to assure compliance for data destruction and eliminate risks inherent in data sharing
3LG SecureTech Security Patented SecureTech Database compression using proprietary compression techniques renders data storage unintelligible (obfuscation) Compressed database is then encrypted to DoD 256 AES standards SecureTech Database remains fully compressed and encrypted before, during and after use No database backdoor or APIs to eliminate hacker threats Providing a distributed read-only, compressed, encrypted copy of database means the source database security controls can be further tightened eliminating inbound database access activity for queries and reporting SecureTech Database more secure than transaction architecture databases
3LG SecureTech Size/Compression applied to each data column Most efficient data compression algorithms automatically applied to each data column Data footprint times smaller than source DB Queries resolve without data decompression Patented algorithms balance compression with query performance to optimize query response time
3LG SecureTech Speed/Compression Dont assume database speed/compression is really the same for all solutions – yes, the performance tradeoff is still there for the databases you own today But there is no tradeoff with the patented SecureTech solution No tradeoff required between what data to encrypt for maximum protection versus not encrypting data for optimal query performance reasons. All data remains encrypted in SecureTech s high performance database.
3LG SecureTech Encryption with Database Compression Encryption with SecureTech database compression maximizes cipher strength protection for secured data sharing and transit. Most effective protection against all types of data security breach from simple everyday human error in the caretaking of data assets to serious attempts at unauthorized data access. No tradeoff required between what data to encrypt for maximum protection versus not encrypting data for optimal query performance reasons. All data remains both encrypted and compressed in SecureTech s high performance database.
3LG SecureTech Audit Automates data compliance reporting of Who, When and How your data is being used.data compliance reporting SecureTech Audit solution addresses the compliance gap between existing database security controls and business requirements for data sharing. Enables automatic tracking and reporting of usage activity from a secured SecureTech Audit database administered at SecureTech Server. Audit Database serves as history archive to support ongoing data security analysis and compliance reporting needs. Audit reports can be generated with SQL compliant reporting tools.
3LG SecureTech Automated Destruction Automated Database Self-Destruction is most cost effective method to assure data destruction compliance and eliminate risks inherent in data sharing. Enforces DoD standards for data destruction no matter Where the data isWhere Automated compliance for scheduled data retirement Patented heartbeat authentication and poison dart data destruction automatically protects against loss or theft.
3LG SecureTech Front-end/Back-end Agnostic IT Environment Upgrade costs of software, hardware and/or user education typically accompany any new solution. But not with SecureTech Technology : o oAuthorized data consumers continue to access their data through the PC tools and interfaces they are trained and comfortable with. o oSecurity and database administrators now have better control over the data ownership and usage without additional administration overhead. o oSecureTech solution addresses the compliance gap between existing database security controls and data sharing business requirements.
3LG SecureTech 17 SecureTech Analytic Database Engine Read-only Engine Runs on user Windows PC desktop, laptop Data Compression of 6-20 times High Performance ODBC SQL processing of times faster Database image built and managed by server Data is always encrypted Data security features Auto destruction after specified number of days Can require ping to open User ID/password separate from OS user Data access auditing features All SQL audited Audit trail transmitted back to administrator 3LG SecureTech Overview Copyright SecureTech2, Inc., 2011
3LG SecureTech Automatic updates for desktops/laptops SecureTech Architectural Overview DatabaseUpdates Compressed Read Only DB TraditionalDBMS DataWarehouse ERP Log Files Flat Files TraditionalDBMS DataWarehouse ERP Log Files Flat Files Automatic download to Windows PC desktop/laptops SecureTech Administrator (Security, XML, DB Tools) SecureTech Loader SecureTech Compressor Compressed Read Only DB CompressedUpdate CompressedUpdate SecureTech Increment Manager Query SecureTech with standard PC query tools: Business Objects, Crystal Reports, SQL application, SAS, Cognos, etc. SecureTec h
3LG SecureTech 19 Large Data Breaches Copyright SecureTech2, Inc., 2011 Largest Data Breaches Since 2009, federal law has required health care providers to report to the Department of Health and Human Services and the news media all data breaches affecting 500 patients or more. These are the top 10 largest medical data breaches since then. Health Care Provider StatePatients AffectedType of BreachDate TRICAREVirginia4,901,432Loss of backup tapesSept. 13, 2011 Health Net, Inc.California1,900,000UnknownJan. 21, 2011 North Bronx Healthcare Network New York1,700,000Electronic medical record theftDec. 23, 2010 AvMed, Inc.Florida1,220,000Laptop theftDec. 10, 2009 The Nemours Foundation Florida1,055,489Loss of backup tapesAug. 10, 2011 Blue Cross Blue Shield of Tennessee Tennessee1,023,209Hard drive theftOct. 2, 2009 Sutter Medical Foundation California943,434Desktop computer theftOct. 15, 2011 South Shore Hospital Massachuset ts 800,000Loss of portable electronic deviceFeb. 26, 2010 Utah Department of Health Utah780,000HackingMarch 10, 2012 to April 2, 2012 Eisenhower Medical Center California514,330Computer theft11-Mar-11 Source: U.S. Department of Health and Human Services.U.S. Department of Health and Human Services Federal law requires health care providers report data breaches affecting 500+ patients Automated Data Destruction
3LG SecureTech 20 FEDERAL COMPLIANCE for Secure Data Eradication Copyright SecureTech2, Inc., 2011 Regulations Aimed at Data Privacy and Protection Require Secure Data Audit Database Usage Documented Disposal of Data: Industry Regulations oHealth Insurance Portability and Accountability Act (HIPAA) oSarbanes-Oxley Act (corporate reporting and auditing practices) oGramm-Leach-Bliley Act (Financial Services Modernization Act) oFair Credit Reporting Act (Credit Reporting Industry) oUSA Patriot Act (Bank Security Act) oHomeland Security Information Sharing Act (Federal agencies security information) oD.O.D. (Department of Defense) standards Audit
3LG SecureTech DHS Applications using SecureTech Technology Remote or Local based access to critical data during disaster Large amounts of multiple sourced data resident on a desktop or laptop for improved visibility and access speed ( responsiveness ) Historical/Archival Applications (database compression) – –Historical Data – –Statistical Results – –Industry Compliance Enhanced Disaster Recovery (database compression/access via desktop/laptop )
3LG SecureTech White House Hurricane Katrina " Lessons Learned " Report SecureTech Database capability addresses many of the report's 125 recommendations. For example: SecureTech Database capability addresses many of the report's 125 recommendations. For example: LL#7 and #8 : Rapidly establish self-sufficient, initial Joint Field Office ( e.g., we can compress large data bases on Laptops with Incident Management Teams )LL#7 and #8 : Rapidly establish self-sufficient, initial Joint Field Office ( e.g., we can compress large data bases on Laptops with Incident Management Teams ) LL#21: Develop a national inventory of Federal capabilities and resources (e.g., we can get responses to random queries from Desk Tops and Laptops up to 20 times faster than any other system available today )LL#21: Develop a national inventory of Federal capabilities and resources (e.g., we can get responses to random queries from Desk Tops and Laptops up to 20 times faster than any other system available today ) LL#101: Integrate regional partnerships and resource databases with national databases and response capabilities to give incident commanders full visibility of supply and volunteer sources.LL#101: Integrate regional partnerships and resource databases with national databases and response capabilities to give incident commanders full visibility of supply and volunteer sources.
3LG SecureTech Increased VelocityIncreased Velocity –Working with current Databases and BI tools, SecureTech can deliver up to 20 times faster answers to complex inventory, stock positioning and commodity questions Increased VisibilityIncreased Visibility –SecureTech can deliver datamarts and access/query capabilities, up to now, only available through a central server, to desktop or laptop users down to 1/20 th its original size with required data security Avoid expensive system upgrades to accommodate rising query volumesAvoid expensive system upgrades to accommodate rising query volumes Facilitate increased self service and greater productivity to avoid increasing IT support staffFacilitate increased self service and greater productivity to avoid increasing IT support staff Decrease data footprint size for historical informationDecrease data footprint size for historical information Reduce database administration for query databasesReduce database administration for query databases Reduce the number of [Read-only] DB serversReduce the number of [Read-only] DB servers Value to FEMA
3LG SecureTech Telecom Mfg. Sales/Field Use Case 1. 1.Personalized laptop dashboards enabling field personnel an integrated view of all data supporting Business Intelligence in or out of the office. Data security, data access and distribution are KEY performance and controls objectives Business ProblemSecureTech Solution Field personnel wait till back in office to run reports competing with 1000s accessing same database at once straining IT resources and delaying field productivity Secure, read-only, high performance SecureTech database provides laptop ready field access to all data using standard report tools Field personnel have a dozen login IDs and application interfaces to access data in 12 separate siloed database systems Personalized SecureTech database provides single integrated view of all data entitled to use from multiple databases Objective:
3LG SecureTech Telecom Mfg. Sales/Field Use Case Business ProblemSecureTech Solution Sales field resort to copying reports on laptop – but always out-of-date beyond daily activity. Reports and spreadsheets are refreshed automatically for SecureTech database updates pushed to laptop automatically Availability of business intelligence in or out of office is still limited by network downtimes, database administration, schedules and performance bottlenecks Business Intelligence reporting is available anytime, anywhere – Not dependent on internet access or network or database performance. 100s of CRM apps serve 1000s of employees – costly IT maintenance delivering variable information quality across the enterprise Personalized SecureTech database delivered to each user laptop using standard BI applications familiar to the employee – no training required. No software/hardware upgrades required to deploy SecureTech databases.
3LG SecureTech Telecom Mfg. Sales/Field Use Case Business ProblemSecureTech Solution.Data security incidents include lost data, unauthorized access attempts and database security maintenance lagging changes to employee jobs and responsibilities Database is secure, encrypted and tamper proof for Compliance. SecureTech database expiration/refresh controls ensures only current authorized data is available to users. Field Organization of 1000s of employees leads to incidents of lost laptops, unauthorized access attempts, and exposures of unsecured computer files – a security headache for both IT and Corporate Compliance SecureTech remote database Lock/Wipe capability ensures only authorized, up- to-date data available on laptop for each user. Heartbeat/Poison dart capability can destroy remote laptop database without possibility of circumvention
3LG SecureTech 28 POC Report Timings Copyright SecureTech2, Inc., 2011 Largest Data Breaches Since 2009, federal law has required health care providers to report to the Department of Health and Human Services and the news media all data breaches affecting 500 patients or more. These are the top 10 largest medical data breaches since then. Reporting ToolDatabaseTYPEReport display while connecting to Server Report display while connecting to SEAD db Query performance when running directly on SERVER DB Query performance while running directly on SEAD db BOSQL SERVERDWH15 min 2 sec2 min 8 sec2 min 10 sec1min 29 sec BOSQL SERVEROLTP22 min 45 sec4 min 8 sec9 min 21 sec3min 17 sec BOSYBASEDWH10 sec2 sec.5 sec BOSYBASEOLTP7 min 2 sec3 min 58 sec20 min 40 sec42 sec MicrostrategySQL SERVERDWH1 min 49 sec2 min 28 sec1 min 9 sec59 sec MicrostrategySQL SERVEROLTP52 sec1 min 51 sec1 min 1 sec1 min 11 sec MicrostrategySYBASEDWH16 sec6 sec55 sec3 sec MicrostrategySYBASEOLTP2 mins 5 secs1 min 47 sec59 Sec38 sec HyperionSQL SERVERDWH26 sec39 sec20 sec32 sec HyperionSQL SERVEROLTP8 min 50 sec3 min 43 sec8 min 5 sec3 min 12 sec HyperionSYBASEDWH2 sec1 sec 2 sec HyperionSYBASEOLTP6 min 47 sec4 min 50 sec4 min 8 sec19mins 58 sec BIRTSQL SERVERDWH9 mins 4 sec9 mins 5 sec32 sec20 sec BIRTSQL SERVEROLTP9 mins 35 sec10 mins 25 sec4 mins 1 sec5 mins 22 sec BIRTSYBASEDWH9 sec21 sec2.59 sec3 sec BIRTSYBASEOLTP12 mins 35 sec11 mins 54 sec3 mins 25 sec4 mins 14 sec
3LG SecureTech October 2013 Reported Cyber Security BreachOctober 2013 Reported Cyber Security Breach –Attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders –Hackers had also stolen part of the source code to Photoshop editing software that is widely used by professional photographers. –Investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users. –A file containing 150 million usernames and hashed passwords has thought to have appeared online on a cybercriminal site, according to Krebs on Security blog Krebs on Security blogKrebs on Security blog ADOBE SYSTEMS