ENCRYPTION

ENCRYPTION

Data Encryption

Securite offer a wide range of encryption solutions on premises or as a hosted SAAS platform. With the depth and breadth of products across the three vendors, we cover all methods of transit. Our chosen solutions use industry-leading encryption algorithms and offer multiple layers of protection that address specific risk areas. Encryption can be extended to PCs, laptops, network files and folders, removable media, and USB storage devices. Endpoint Encryption allows you to transparently secure a broader scope of confidential information including customer data, intellectual property, legal and financial records, and employee communications.

  • Securite provides Vormetric Encryption Solutions
  • Gemalto HSM and encryption
  • Imperva is a Securite Partner

Vormetric is the leader in database encryption

Data Encryption for Any File, Any Database, Any Server – Anywhere!
Vormetric Transparent Encryption enables data-at-rest encryption, privileged user access control and the collection of security intelligence logs without re-engineering applications, databases or infrastructure. The deployment of our data-at-rest encryption software is simple, scalable and fast, Vormetric Transparent Encryption Agents are installed above the file system on servers or virtual machines to enforce data security and compliance policies. As with all Vormetric encryption products, on-going policy and encryption key management operations are centralised and efficient with the Vormetric Data Security Manager.
Transparent deployment
No development or changes required to user experience, applications and infrastructure.
Supports compliance and contractual mandates
Our enterprise encryption software satisfies mandates around data-at rest encryption, file encryption, least privileged access, monitoring and encryption key management
Limits privileged user risk
Our data encryption software solution stops root, system, cloud, storage and other administrators from accessing data while preserving their ability to perform their day-to-day administrative responsibilities.
The broadest heterogeneous operating system and application support
Vormetric Transparent Encryption agents support Windows, Linux and Unix platforms as well as most databases and all unstructured file types.
Maintain Service Level Agreements (SLA)
Distributing agents optimised for specific file system and encryption acceleration hardware across servers results in very low latency and little overhead.
Scales and grows with your requirements
With proven deployments of over 10,000 servers, companies can be confident that, with our enterprise encryption software solution, they can easily expand protecting files and data as new business requirements arise across physical, virtual, cloud or big data environments.

ResourcesDataVideo

Gemalto SafeNet Encryption

Securing sensitive information in databases is imperative to meet compliance mandates and keep your critical business assets protected from rogue insiders, malicious threats, and data breaches. SafeNet encryption solutions enable you to;

  • Apply transparent encryption to protect sensitive data at the column or file level in NoSQL databases (Cassandra, MongoDB, and HBase, etc.) and SQL databases (Microsoft SQL Server, Oracle, IBM DB2, MySQL, PostgreSQL, etc.)
  • Define granular policies to control who and what can access your data, including database administrators and other privileged users
  • Support multiple data centres in on-premises, public cloud, virtual, hybrid, and big data environments
  • Centralise enterprise key and policy management and operations
  • Increase security with built-in key rotation, data re-keying, logging and auditing
  • Gemalto also offers solutions that can tokenise sensitive data, and manage keys in a separate and more secure fashion to complement native transparent data encryption (TDE) in SQL databases.

Resources

Gemalto Crypto Management

Deploying a high-assurance crypto management platform is the best way to protect your cryptographic keys. This approach is built on a foundation of strong keys, enterprise key management, centralised crypto resource management, and the use of a hardware root of trust. When encryption is used, the risk is transferred from the data itself to the cryptographic keys. The ability to securely manage, store, and use keys is essential. With a copy of the private key an attacker could decrypt data, create fraudulent identities, and generate certificates at will.
Why Use Gemalto for Crypto Management?​
Gemalto delivers the breadth of solutions that enable security teams to centrally employ defense-in-depth strategies—and ultimately make sure encryption yields true security.

Resources

Hardware Security Modules (HSM)

SafeNet Hardware Security Modules (HSMs) provide reliable protection for transactions, identities, and applications by securing cryptographic keys and provisioning encryption, decryption, authentication, and digital signing services.

Data

SOPHOS SafeGuard Enterprise Encryption

Protecting the data wherever it goes ensures productivity by securing sensitive data wherever it is stored. Sophos SafeGuard protects data stored on laptops, USB devices, network shares or even in the cloud. SafeGuard is fast and efficient and offers negligible performance impact.

  • Makes regulatory compliance easier with policy enforcement and reporting
  • Provides key management that lets authorised users share data securely and easily
  • Save time using the central console for data protection policy definition and management
  • Manages all devices in the organisation from one place,including hard disks encrypted with BitLocker or FileVault 2 and Opal self-encrypting drive

SafeGuard harnesses the latest improvements in processor to maximise performance on every device. The application is designed as a modular solution to ensure scalability and flexibility to extend the ROI on your security budget.
Modules
SafeGuard Enterprise Modules
Management Centre
Implements and enforces a common, organisation-wide security policy framework, providing you with a central point of management control in mixed IT environments.
Device Encryption
Transparently encrypts data on laptops, desktops and external media, protecting your users against unauthorised access, loss or theft of data.
Data Exchange
Ensures the secure exchange of data on removable media with your business partners and customers, even if they don’t have a SafeGuard application installed.
Encryption for Cloud Storage
Encrypts files uploaded to cloud storage services from managed computers. We also include readers for opening these files on iOS and Android devices.
Native Device Encryption
Manages third-party security applications such as Windows BitLocker and Mac FileVault 2 drive encryption.
Encryption for File Shares
Encrypts user data across workgroups. Protect your data on local drives and network servers,at both the file and directory levels.

Data

Imperva Database Encryption

SecureSphere for Database
SecureSphere data protection solutions address all aspects of database security and compliance with database auditing and real-time protection that will not impact performance or availability. SecureSphere scales to support the largest database and Big Data installations. By automating security and compliance, it is not surprising that thousands of organisations choose Imperva SecureSphere for data to safeguard their most valuable assets.

  • Discover and help classify sensitive databases
  • Audit all access to sensitive data across all data stores
  • Identify excessive user rights and dormant users, and enable a complete rights review cycle
  • Protect RDBMS, data warehouses, Big Data platforms, and mainframe databases
  • Alert, quarantine, and block database attacks and unauthorised activities in real time
  • Accelerate incident response and forensics investigations with advanced analytics
  • Match your evolving IT needs for high availability clustering and Amazon Web Services (AWS) cloud deployment
  • Provide rapid time-to-value and predictable costs without negatively impacting database performance

Enterprise Ready Deployment
Imperva takes a comprehensive view of the enterprise with a centralised management console capable of providing command and control at a global level. The top-level management console enables the rapid deployment of global policies and automation of tasks such as data classification, thereby speeding implementation time. Imperva also recognises the value of IT provisioning, providing API sets to facilitate seamless software distribution, configuration updates, policy distribution and data discovery. Deployment and configuration automation is a primary factor in time-to-value. As an example, an Imperva customer was able to deploy to over 69,000 databases in the span of just a few months using these automation tools.
Imperva goes beyond the typical deployment scenario where agents are required on all database servers; SecureSphere supports multiple deployment methods, including a local agent, a network transparent bridge option and a non-inline sniffer mode. By using a combination of deployment methods, the enterprise can meet a wide variety of needs without being locked into a one-size-fits-all model.
Identify Hidden Costs and Risks
SecureSphere Database Assessment identifies database vulnerabilities and measures compliance with industry standards and best practices. Combined with sensitive data discovery and data classification, organisations can accurately scope security and compliance projects and prioritise risk mitigation efforts.
Monitor Traffic for Compliance and Protection
Even with a high volume of database traffic, SecureSphere simultaneously monitors all traffic for security policy violations and compliance policy purposes. The highly efficient monitoring for separate purposes allows companies to address both security and compliance requirements with a single unified solution. SecureSphere analyses all database activity in real-time, providing organisations with a proactive security enforcement layer and detailed audit trail that shows the “who, what, when, where, and how” of each transaction. SecureSphere audits privileged users who directly access the database server, as well as users accessing the database through a browser, mobile, or desktop-based application.
Manage User Access
Virtually every regulation has requirements to manage user rights to sensitive data. Complying with these requirements is one of the most difficult tasks for enterprises to manually perform across large data sets. SecureSphere automatically aggregates user rights across heterogeneous data stores and helps establish an automated access rights review process to eliminate excessive user rights. It facilitates a routine demonstration of compliance with regulations such as SOX and PCI DSS. The automation of these mundane, but critical tasks, lowers labour costs and reduces the risk of error or reporting gaps.
Streamline Data Compliance
Unlike solutions that require DBA involvement and reliance on expensive professional services, SecureSphere provides the necessary management and centralisation capabilities to manage thousands of databases, Big Data nodes, and file repositories. Pre-defined policies, remediation workflows, and hundreds of reports markedly reduce the need for SQL scripts and compliance matter expertise. Elimination of the need for ongoing DBA involvement ensures compliance with the separation of duties requirement. By utilising the out-of-the-box process APIs, management console, workflows, reports and analysis tools existing personnel can deploy and manage the system.
Discover and Manage Database Vulnerabilities
Malicious insiders and hackers can easily steal data by exploiting unpatched systems, accessing accounts with default passwords, and leveraging administrative rights. SecureSphere helps you prioritise and remediate vulnerabilities with assessments for database platforms and configurations. The assessments are kept up-to-date with the latest research from the Imperva Application Defence Centre (ADC).