Presentation on theme: "Dell Compellent and SafeNet KeySecure. 2 SafeNet: What We Do Trusted to protect the world’s most sensitive data for the world’s most trusted brands. We."— Presentation transcript:
2 SafeNet: What We Do Trusted to protect the world’s most sensitive data for the world’s most trusted brands. We protect the most money that moves in the world, $1 trillion daily. We protect the most digital identities in the world. We protect the most classified information in the world. FOUNDED 1983 REVENUE 340m EMPLOYEES 1,500+ In 25 countries OWNERSHIP Private GLOBAL FOOTPRINT 25,000+ Customers in 100 countries ACCREDITED Products certified to the highest security standard 2
3 Why Data at Rest Encryption? Secures data wherever it resides Data remains secured both in and out of the data center Secures data in event of drive, array or Storage Center system theft Protect intellectual property and digital assets from unauthorized access Full data control Only authorized users with appropriate keys have access. Key loss or deletion renders data permanently unreadable. Keys never appear in the clear on outside networks Log and audit user access to IP Compliance PCI-DSS, HIPAA, Basel II, 46+ State Laws, European Union requirements Regulatory violations bring financial and legal penalties Proactive security and reputation preservation have compelling ROI
4 Dell Compellent Self-encrypting Drives (SED) 4 Secures data against –lost, transported or stolen drives –theft of entire array –theft an entire Storage Center system 100% unrecoverable keys –Key loss means data loss. No back door to access data on stolen drives Removed or stolen drives are automatically locked –Even if platters are placed on a spin stand, data is secure –Keys are secure and never passed in the clear on outside networks Robust encryption and security –Secured using 256-bit AES encryption –Option to operate in non-SED mode without system impact –FIPS 140-2 Level 2 security Instant cryptographic erase –Delete keys to decommissioned drives to render data unreadable –Cryptographically erase data on individual drive basis
5 SafeNet KeySecure Enterprise Key Management Each SED contains its own encryption key. How do you effectively manage an entire datacenter? Centralized key management –Store, manage, generate, distribute, rotate, back up, activate, deactivate, and destroy keys –Up to 1 million keys per cluster –High assurance level –Geographically dispersed operations Standard-based approach: OASIS KMIP –Manage keys for: Dell Full Disk Encryption –Other supported 3rd party KMIP-based solutions –Supports key management for cloud solutions Hardware encryption key storage –Maintain encryption keys in SafeNet Luna SA (HSM) and PCI Card World Class Support Services –7x24x365 Support offerings available 5 k150k460 25,000 max keys1,000,000 max keys 100 max concurrent clients 1,000 max concurrent clients FIPS 140-2 Level 1FIPS 140-2 Level 3
7 Key Benefits Centralize Encryption Key Management –Unify key management (e.g. key generation, escrow, recovery) for all Compellent self-encrypting drives and other KMIP compatible solutions in SafeNet’s partner ecosystem behind an intuitive graphical user interface. Multi-Tenant Data Isolation –Share storage resources while securing data by business policy to segregate data for multiple departments, business units, or customers. High Availability Configurations –Cluster appliances to maintain encrypted data availability in geographically dispersed data centers. Separation of duties. –Segment key ownership and management based on individuals or by group owners to protect sensitive material against unauthorized access from staff. Auditing and Logging –Detailed logs can be used by SIEM reporting tools such as IBM QRadar, Splunk and others for improved day-to-day operations management and easier compliance reporting.
8 Security Performance Manageability Availability Flexibility Hardware-based, centralized key and policy management FIPS/CC certified solution Authentication and authorization Low and high performance models (k460, k250, k150, k150v) Models matched to performance requirements Efficient backup/restore capabilities, local encryption option Support for heterogeneous environments (app, db, file) Support for open standards and APIs and stress KMIP Range of enterprise deployment models Intuitive, easy-to-use administration Separation of duties Centralized policy management Enterprise clustering and replication Load balancing, health checking, and failover Geographically distributed redundancy KeySecure Summary
9 Questions? Blair Semple Director Business Development firstname.lastname@example.org For more information visit: http://www.safenet-inc.com/partners/dell