Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

1/7/2010
01:55 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

StrongAuth Releases StrongKey Lite

StrongKey Lite Encryption System integrated appliances able to encrypt and store billions of sensitive data records

CUPERTINO, CA January 5, 2010 -- StrongAuth, Inc. today announced the general availability of the StrongKey Lite Encryption SystemTM providing unprecedented capability in encryption and key-management at an unprecedented value.

StrongAuth, Inc., announced the availability of the StrongKey Lite Encryption SystemTM (SKLES), an integrated appliance providing a comprehensive solution to companies complying with PCI-DSS, 201 CMR 17.00, HIPAA, FISMA, the EU Directive, California's SB-1386 and similar data-security regulations for the protection of sensitive data. The StrongKey Lite

Encryption SystemTM includes:

  • The ability to encrypt and store billions of sensitive data records on the appliance using strong NIST-approved algorithms, such as the Advanced Encryption Standard (AES);

  • The ability to tokenize the sensitive data on the appliance to minimize the impact on applications; (tokenization is the ability to replace sensitive data with equivalent non-sensitive data whose appearance and characteristics resemble that of sensitive data, but are meaningless if exposed);

  • Key-management " consisting of automatic key-generation, escrow, recovery and access-control - of millions of symmetric encryption keys on the appliance;

  • A cryptographic hardware module with a true random number generator, for protection of cryptographic keys;

  • A hardened, high-performance, quad-core, 64-bit processor based computer with 4GB of DRAM, 0.5TB of hard disk storage and necessary software to operate the appliance;

  • Secure, automatic replication to other SKLES appliances for high-availability of cryptographic services;

  • The ability to host multiple encryption domains within a single appliance, allowing for servicing different security needs of applications from a single SKLES appliance;

  • Color-coded USB-tokens to store the strong cryptographic credentials of Key Custodians for securely and easily managing the cryptographic hardware module from remote locations;

  • The ability to integrate the appliance to existing identity management systems, such as Active Directory or other LDAP-based identity management systems; and

    A GUI-based administration console for the easy and secure management of the SKLES.

    StrongAuth announced the StrongKey Lite Encryption SystemTM Model-T, with its unprecedented blend of cryptographic features, is available immediately at a price of $4,995 per appliance.

    "While encryption has been around for more than two decades, companies have been struggling to make sense of their encryption and key-management problems in the wake of more than 1,300 disclosed breaches to sensitive data in the last 4 years" said Arshad Noor, the CTO of StrongAuth. "We created the world's first open-source Symmetric Key Management System (StrongKey) four years ago in response to the needs of our customers. However a segment of the market wanted StrongKey simplified to address issues such as reducing the scope of security audits, tokenization, integrated cryptographic hardware protection of keys and reduced implementation costs. StrongKey Lite is our response to those demands".

    Since the state of California first passed a Breach Disclosure law " also known as Senate Bill 1386 " in 2003, more than 1300 breaches to sensitive data have been disclosed that have affected the personal data of more than 300 Million US residents according to www.privacyrights.org. Retail merchants such as TJX have paid out more than $115M in fines and settlements for a single data-breach that exposed 45M consumers' credit card numbers. Fines and settlements related to Heartland Payment Systems' breach of 130M records " the largest known breach - are not available.

    Security regulations have consequently focused on data-protection through the use of encryption. When implemented properly, encryption has the ability to secure data; however, the challenge has always been with the protection and management of the cryptographic keys responsible for decrypting sensitive data. While the industry has come up with many schemes and technologies " sometimes expensive - to address those needs, the SKLES is the first appliance to include all major desired cryptographic features at this price.

    "In light of the worst recession since the great depression, we believe that companies " much like consumers " will focus on value" said Noor. "As StrongKey did four years ago, StrongKey Lite raises the bar for value in encryption and key management solutions".

    About StrongAuth, Inc.

    StrongAuth develops advanced solutions related to the use of symmetric and asymmetric-key cryptography. It has been building some of the largest key-management infrastructures since 2001 for companies in the pharmaceutical, financial, DRM, bio-technology, retail and service industries. More information on StrongAuth and its products " StrongKey and StrongKey Lite " can be found at http://www.strongauth.com.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Commentary
    How SolarWinds Busted Up Our Assumptions About Code Signing
    Dr. Jethro Beekman, Technical Director,  3/3/2021
    News
    'ObliqueRAT' Now Hides Behind Images on Compromised Websites
    Jai Vijayan, Contributing Writer,  3/2/2021
    News
    Attackers Turn Struggling Software Projects Into Trojan Horses
    Robert Lemos, Contributing Writer,  2/26/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win an Amazon Gift Card! Click Here
    Latest Comment: George has not accepted that the technology age has come to an end.
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    How Enterprises are Developing Secure Applications
    How Enterprises are Developing Secure Applications
    Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2009-20001
    PUBLISHED: 2021-03-07
    An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who somehow gained access to a user's cookie to login as them.
    CVE-2020-28466
    PUBLISHED: 2021-03-07
    This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightened r...
    CVE-2021-27364
    PUBLISHED: 2021-03-07
    An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
    CVE-2021-27365
    PUBLISHED: 2021-03-07
    An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length...
    CVE-2021-27363
    PUBLISHED: 2021-03-07
    An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system...