Www.Vormetric.com Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President.

Slides:



Advertisements
Similar presentations
IT Security Policy Framework
Advertisements

BalaBit Shell Control Box
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.
The twenty-four/seven database Oracle Database Security David Yahalom Senior database consultant
Oracle Database Security
Vormetric Data Security
Dell Compellent and SafeNet KeySecure
Security Controls – What Works
© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Notes: Update as of 12/31/2010 inclusive. Chart counts NIST CVE – Reported Software Flaws by “published” date, utilizing the NIST NVD. SQL Server.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Pre-adoption concern 60% cited concerns around data security as a barrier to adoption 45% concerned that the cloud would result in a lack of data control.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
1 Andrew Fryer Technical Evangelist R2 Data Governance for the IT Manager.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Public Key Infrastructure from the Most Trusted Name in e-Security.
A Comprehensive Solution Team Mag 5 Valerie B., Derek C., Jimmy C., Julia M., Mark Z.
Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam
Unify and Simplify: Security Management
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
SafeNet Protects Data at Rest
Enterprise Privacy Architectures Leveraging Encryption to Keep Data Private Karim Toubba VP of Product Management Ingrian Networks.
Dell Connected Security Solutions Simplify & unify.
Sagar Joshi Senior Security Consultant | ACE Team, Microsoft Information Security
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Key Management with the Voltage Data Protection Server Luther Martin IEEE P May 7, 2007.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Additional Security Tools Lesson 15. Skills Matrix.
Sensitive Metric Collection and Reporting System Michael Aiello Hanning Gao Martin Goldberg Michael Sosonkin Jason Woloz.
Simplify and Strengthen Security with Oracle Application Server Allan L Haensgen Senior Principal Instructor Oracle Corporation Session id:
The Changing World of Endpoint Protection
Database Security and Data Protection Suseel Pachalla, CISSP.
Cloud Computing Security Keep Your Head and Other Data Secure in the Cloud Lynne Pizzini, CISSP, CISM, CIPP Information Systems Security Officer Information.
Building a Fully Trusted Authentication Environment
Database Security Cmpe 226 Fall 2015 By Akanksha Jain Jerry Mengyuan Zheng.
Alliance Key Manager for Windows Azure Puts Encryption Key Management and Data Breach Security at Your Fingertips COMPANY PROFILE: TOWNSEND SECURITY Townsend.
VeriShield Protect Revolutionary technology that simplifies PCI DSS compliance with no system upgrades Now available on V x Solutions!
Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.
SSL(HandShake) Protocol By J.STEPHY GRAFF IIM.SC(C.S)
Secure Data Access with SQL Server 2005 Doug Rees Associate Technologist, CM Group
C Copyright © 2007, Oracle. All rights reserved. Security New Features.
Security Systems | ST/SRM3-NA | 4/6/2016 © 2016 Robert Bosch LLC and affiliates. All rights reserved. 1 Ensure data security in a hyper-connected world.
Secure SQL Database with TDE Thomas Chan SQL Saturday Raleigh.
Vormetric Encryption Architecture Overview Protecting Enterprise Data at Rest with Encryption, Access Controls, and Auditing.
©2014 Cleo. All rights reserved. Company confidential. Managing Chaos: Andy Moir Director, Product Marketing 2 Data Movement in 2015.
SQL Server Encryption Ben Miller Blog:
ORACLE's Approach ORALCE uses a proprietary mechanism for security. They user OLS.... ORACLE Labeling Security. They do data confidentiality They do adjudication.
White Paper: Enterprise Encryption and Key Management Strategy 1 Vormetric Contact: Name: Tina Stewart (send traffic.
VMware, SQL Server and Encrypting Private Data
Data Armor: MySQL Security Protections [CON1050]
Table of Contents The Need for Effective Database Security
Blackboard Security System
“Security” in cloud computing
Dell Compellent and SafeNet KeySecure
Chapter 5 : Designing Windows Server-Level Security Processes
Security and Encryption
BOMGAR REMOTE SUPPORT Karl Lankford
KMIP Key Management with Vormetric Data Security Manager
KMIP Key Management with Vormetric Data Security Manager
Public Key Infrastructure from the Most Trusted Name in e-Security
RKL Remote key loading.
Enterprise Data Solution Running on the Azure Cloud Platform Protects, Preserves Critical Data “Druva takes a proactive approach to help customers address.
Building a Vertical Around Regulated Industries to Increase Your Business
Presentation transcript:

Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President of Marketing

Presentation Overview Evolution of encryption management systems and integrated key IT operations and will then be examined support challenges Review of the future compliance regulations industry initiatives and Conclude with brief Vormetric Key Management introduction to Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 2

Importance of Enterprise Key Management Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 3 Two Types of Key Management Systems Third PartyIntegrated “ i The final encrypted solution has two parts: the encrypted data itself and the keys that control the encryption and decryption processes. Controlling and maintaining the keys, therefore, is the most important part of an enterprise encryption strategy. Forrester Research, Inc., “Killing Data”, January 2012

IT Imperative: Secure Enterprise Data Direct access to enterprise data has increased the risk of misuse. Attacks on mission critical data are getting more sophisticated. Security breach results in substantial loss of revenue and customer trust. Compliance regulations (HIPAA, PCI DSS) mandates improved controls What is needed is a powerful, integrated solution that can enable IT to Ensure the availability, security, and manageability of encryption keys Across the enterprise. “ ! A Data Breach Costs > $7.2M Per Episode i 2010 Annual Study: U.S. Cost of a Data Breaches, Ponemon Institute Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 4

Enterprise Key Management 8 Requirements Enterprise Key Management Generation Storage Backup Key State Management Security Auditing Authentication Restoration Slide No: 5 Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved.

Interoperability Standards PKCS#11 EKM OASIS KMIP Public Key Cryptographic Standard used by Oracle Transparent Data Encryption (TDE) Cryptographic APIs used by Microsoft SQL server to provide database encryption and secure key management Single comprehensive protocol defined by consumers of enterprise key management systems ! Even though vendors may agree on basic cryptographic techniques and standards, compatibility between key management implementation is not guaranteed. Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 6

Complex management : Managing a plethora of encryption keys in millions Security Issues : Vulnerability of keys from outside hackers /malicious insiders Data Availability : Ensuring data accessibility for authorized users Scalability : Supporting multiple databases, applications and standards Governance: Defining policy-driven, access, control and protection for data Encryption Key Management Challenges Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 7 Disparate Systems Different Ways of Managing Encryption Keys

Industry Regulatory Standards Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 8 Gramm Leach Bliley Act (GLBA) U.S. Health I.T. for Economic and Clinical Health (HITECH) Act Payment Card Industry Data Security Standard (PCI DSS) Requires encryption key management systems with controls and procedures for managing key use and performing decryption functions. Requires firms in USA to publicly acknowledge a data breech although it can damage their reputation. Includes a breach notification clause for which encryption provides safe harbor in the event of a data breach.

Vormetric Key Management Benefits Improve Operational Efficiency Reduce Key Management Burden Minimize Solution Costs Stores Keys Securely Provides Audit and Reporting Manages Heterogeneous Keys / FIPS Compliant i VKM provides a robust, standards-based platform for managing encryption keys. It simplifies management and administrative challenges around key management to ensure keys are secure. “ Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 9

Vormetric Key Management Capabilities Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 10 Manage Vormetric Encryption Agents Manage 3rd Party Keys Vault Other Keys Create/Manage/Revoke keys of 3rd party encryption solutions Provide Network HSM to encryption solutions via  PKCS#11 (Oracle 11gR2)  EKM (MSSQL 2008 R2) Provide Secure storage of security material Key Types:  Symmetric: AES, 3DES, ARIA  Asymmetric: RSA 1024, RSA 2048, RSA 4096  Other: Unvalidated security materials (passwords, etc.).

Vormetric Key Management Components Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 11 Data Security Manager (DSM) Report on vaulted keys Key Vault Provides key management services for:  Oracle 11g R2 TDE (Tablespace Encryption)  MSSQL 2008 R2 Enterprise TDE (Tablespace Encryption) Licensable Option on DSM Web based or API level interface for import and export of keys Same DSM as used with all VDS products FIPS Key Manager with Separation of Duties Supports Symmetric, Asymmetric, and Other Key materials Reporting on key types

TDE Key Architecture before Vormetric Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 12 Master Encryption keys are stored on the local system in a file with the data by default. TDE Master Encryption Key Local Wallet or Table Oracle / Microsoft TDE !

TDE Key Architecture after Vormetric Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 13 TDE Master Encryption Key Vormetric DSM acts as Network HSM for securing keys for Oracle and Microsoft TDE Vormetric Key Agent is installed on the database server SSL Connection Key Agent Oracle / Microsoft TDE

VKM Architecture-Key Vault Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 14 Symmetric Asymmetric Certificates Web GUI Command Line / API Supported Key Types:

Security Policy and Key Management Protecting the enterprise’s valuable digital assets from accidental or intentional misuse are key goals for every IT team today A centralized enterprise key management solution is critical to ensuring all sensitive enterprise data is secure and available. Vormetric Key Management is the only solution today that can: Minimize IT operational and support burdens for encryption key management, Protect data without disrupting you business Secure and control access to data across the enterprise and into the cloud, and Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 15

Vormetric Key Management is the only solution today that can: A centralized enterprise key management solution is critical to ensuring all sensitive enterprise data is secure and available. Protecting the enterprise’s valuable digital assets from accidental or intentional misuse are key goals for every IT team today Security Policy and Key Management Copyright 2012 Vormetric, Inc. – Proprietary and Confidential. All rights reserved. Slide No: 16 “ i The final encrypted solution has two parts: the encrypted data itself and the keys that control the encryption and decryption processes. Controlling and maintaining the keys, therefore, is the most important part of an enterprise encryption strategy. Forrester Research, Inc., “Killing Data”, January 2012 Minimize IT operational and support burdens for encryption key management, Secure and control access to data across the enterprise and into the cloud, and Protect data without disrupting you business

Security Policy and Key Management Centrally Manage Encryption Keys - Oracle TDE, SQL Server TDE and Vormetric. Tina Stewart, Vice President of Marketing Download Whitepaper Click - to - tweet

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.