2SafeNet: What We DoTrusted to protect the world’s most sensitive data for the world’s most trusted brands.We protect the most money that moves in the world, $1 trillion daily.FOUNDED1983OWNERSHIPPrivateREVENUE340mGLOBAL FOOTPRINT25,000+Customers in100 countriesWe protect the most digital identities in the world.Goal of Slide:Speaker Notes:EMPLOYEES1,500+In 25 countriesACCREDITEDProducts certifiedto the highest security standardWe protect the most classified information in the world.
3Why Data at Rest Encryption? Secures data wherever it residesData remains secured both in and out of the data centerSecures data in event of drive, array or Storage Center system theftProtect intellectual property and digital assets from unauthorized accessFull data controlOnly authorized users with appropriate keys have access.Key loss or deletion renders data permanently unreadable.Keys never appear in the clear on outside networksLog and audit user access to IPCompliancePCI-DSS, HIPAA, Basel II, 46+ State Laws, European Union requirementsRegulatory violations bring financial and legal penaltiesProactive security and reputation preservation have compelling ROIGoal of Slide:Speaker Notes:
4Dell Compellent Self-encrypting Drives (SED) Secures data againstlost, transported or stolen drivestheft of entire arraytheft an entire Storage Center system100% unrecoverable keysKey loss means data loss. No back door to access data on stolen drivesRemoved or stolen drives are automatically lockedEven if platters are placed on a spin stand, data is secureKeys are secure and never passed in the clear on outside networksRobust encryption and securitySecured using 256-bit AES encryptionOption to operate in non-SED mode without system impactFIPS Level 2 securityInstant cryptographic eraseDelete keys to decommissioned drives to render data unreadableCryptographically erase data on individual drive basis
5SafeNet KeySecure Enterprise Key Management Each SED contains its own encryption key. How do you effectively manage an entire datacenter?Centralized key managementStore, manage, generate, distribute, rotate, back up, activate, deactivate, and destroy keysUp to 1 million keys per clusterHigh assurance levelGeographically dispersed operationsStandard-based approach: OASIS KMIPManage keys for: Dell Full Disk EncryptionOther supported 3rd party KMIP-based solutionsSupports key management for cloud solutionsHardware encryption key storageMaintain encryption keys in SafeNet Luna SA (HSM) and PCI CardWorld Class Support Services7x24x365 Support offerings availableGoal of Slide:Speaker Notes:k150k46025,000 max keys1,000,000 max keys100 max concurrent clients1,000 max concurrent clientsFIPS Level 1FIPS Level 3
7Key Benefits Centralize Encryption Key Management Unify key management (e.g. key generation, escrow, recovery) for all Compellent self- encrypting drives and other KMIP compatible solutions in SafeNet’s partner ecosystem behind an intuitive graphical user interface.Multi-Tenant Data IsolationShare storage resources while securing data by business policy to segregate data for multiple departments, business units, or customers.High Availability ConfigurationsCluster appliances to maintain encrypted data availability in geographically dispersed data centers.Separation of duties.Segment key ownership and management based on individuals or by group owners to protect sensitive material against unauthorized access from staff.Auditing and LoggingDetailed logs can be used by SIEM reporting tools such as IBM QRadar, Splunk and others for improved day-to-day operations management and easier compliance reporting.
8KeySecure Summary Security Performance Manageability Availability FlexibilityHardware-based, centralized key and policy managementFIPS/CC certified solutionAuthentication and authorizationLow and high performance models (k460, k250, k150, k150v)Models matched to performance requirementsEfficient backup/restore capabilities, local encryption optionSupport for heterogeneous environments (app, db, file)Support for open standards and APIs and stress KMIPRange of enterprise deployment modelsIntuitive, easy-to-use administrationSeparation of dutiesCentralized policy managementEnterprise clustering and replicationLoad balancing, health checking, and failoverGeographically distributed redundancy8888
9Questions?Blair Semple Director Business Development For more information visit:9