Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

8/20/2012
09:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SafeNet Delivers New Class Of Crypto To Storage Data

StorageSecure provides a highly secure alternative to full-disk encryption technology

Baltimore August 20, 2012 – Data breaches are accelerating with alarming speed, and traditional breach prevention tactics are simply insufficient to guard organizations’ data from unauthorized access or exposure. Today, SafeNet, a global leader in data protection, extends its comprehensive portfolio of data security solutions into the storage security market with the immediate availability of StorageSecure.

StorageSecure is the industry’s first network attached storage (NAS) security solution that encrypts data granularly over the network at multi Gbps speed. Customers gain the benefits of compliance, improved governance, and data security for their mission-critical data at rest.

Gartner analyst Sid Deshpande notes that large scale digital content and unstructured data are growing at a fast pace, and as a result an increasing number of users are adopting scalable NAS solutions. The consolidation of corporate data, including high-value information, into large centralized repositories such as NAS is ushering in a new set of compliance-related issues and security risks. Multi-tenant NAS environments increases the number of users and storage administrators with access permissions to the same storage environment. To prevent unauthorized access and use of high-value data, as well as enabling effective auditing, customers need to come up with a new method to protect their data.

StorageSecure was developed in partnership with NetApp, the industry leader for NAS solutions, and designed to address these needs. By providing granular encryption, customers can compartmentalize the use of data in NAS, mitigate the risk of storage admins accessing high-value data without affecting their day to day job, enable effective data shredding when needed, and demonstrate trustworthy audit trail for all StorageSecure-protected data access events.

According to Gartner Analyst, Eric Oulette in the July 27,2012 Hype Cycle for Data and Collaboration Security 2012, organizations that use several disparate/isolated storage data encryption solutions should also consider the benefits of consolidating individual solutions into centralized data center storage encryption to simplify deployment and maintenance cost/efforts and to enable the consistency of encryption policy applicability.

StorageSecure provides those benefits to customers, including:

Policy-based Data Security: Granular encryption of data communicated over Common Internet File System (CIFS) and Network File Service (NFS) at the folder level segregating data stored in shared NAS environments ensuring that each user’s data is effectively isolated from unauthorized access by other users and administrators. An additional layer of protection against rogue administrators is unique in the industry.

Enhanced Data Governance: The hardened and trusted FIPS 140-2 Level 3 StorageSecure is a tamper-proof network appliance with centralized high-assurance auditing and security management that stores and manages the encryption keys with complete security. This enables a complete and unmatched audit trail of access events to high-value data stored in NAS

Investment Protection: StorageSecure integrates within existing IT architectures and uses existing Active Directory, Lightweight Directory Access Protocol (LDAP) or Network Information Service (NIS) security policies and client authentication, and covers any CIFS and NFS communications supporting NAS and file servers.

Cross-platform Key Management: As part of SafeNet’s data protection portfolio, StorageSecure integrates with SafeNet’s Enterprise Key Management solution, KeySecureTM . KeySecure enables security teams to centrally and uniformly manage cryptographic keys across a wide variety of their organization’s encryption platforms, while at the same time streamlines key and policy administration. Based on the KMIP protocol (the industry standard key management protocol), KeySecure offers key management for StorageSecure, as well as the widest variety of storage encryption solutions including encryption for SAN by managing keys for Brocade encryption switch (BES)self-encrypted drives used in many new SAN and NAS environments (e.g. NetApp NSE), self-encrypted backup tape drives.

SafeNet Executive Commentary

“As data volumes proliferate and breaches become a more common occurrence, organizations need to employ a new mindset that will help protect their digital assets from internal and external threats. StorageSecure does just that by employing intelligent storage encryption and high-assurance key management to existing storage solutions. This helps organizations play proactive defense and keep structured and unstructured data safe, secure against insider threats and remain compliant with stringent industry regulations.”

- Sangeeta Anand, corporate vice president and general manager, Data Protection Business Unit, SafeNet, Inc.

NetApp Executive Commentary

“Our customers are demanding a scalable solution to manage the security of their data in NAS and SAN environments. With StorageSecure, SafeNet and NetApp are bringing our customers the most advanced and secure enterprise storage security solution available. StorageSecure, especially when combined with SafeNet KeySecure, provides customers with the level of control, management and visibility necessary to enable compliance and overall data security.”

- Tim Russell, vice president, Data Lifecycle Ecosystem group, NetApp

StorageSecure is available today in two appliance options – one suited for 1Gbps networks and the second can address 10Gbps network infrastructure.

Supporting Resources:

· StorageSecure overview: http://www.safenet-inc.com/data-protection/storage-security/storage-secure/

· KeySecure overview: http://www.safenet-inc.com/data-protection/key-management/key-secure/

· Encryption in NAS Environments: Requirements and Keys to Success http://www.safenet-inc.com/data-protection/storage-security/storage-secure/

· Securing Electronic Health Records in Storage: Current Threats—and How SafeNet Solutions Can Help Combat Them http://www.safenet-inc.com/data-protection/storage-security/storage-secure/

· Follow SafeNet on Twitter, Facebook, YouTube and LinkedIn

About SafeNet

Founded in 1983, SafeNet, Inc. is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organizations around the globe. SafeNet’s data-centric approach focuses on the protection of high-value information throughout its lifecycle, from the datacenter to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3272
PUBLISHED: 2021-01-27
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
CVE-2021-3317
PUBLISHED: 2021-01-26
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
CVE-2013-2512
PUBLISHED: 2021-01-26
The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
CVE-2021-3165
PUBLISHED: 2021-01-26
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.
CVE-2021-1070
PUBLISHED: 2021-01-26
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an un...