BECAUSE
DATA
CAN’T
DEFEND
ITSELF
Not so long ago, it was much easier to protect your data. Perimeter
defenses were in place and there were only so many ways in. Data
came in from IT-approved, enterprise-controlled devices and
applications. It lived on your servers and storage arrays. It was
protected by walling off the outsiders and trusting your insiders.
But things have changed in a big way. Now, more data than ever is collected from more applications, users, devices, and connected hardware, with dwindling amounts of it under enterprise control. New forms of doing business demand easy access from the outside. With the emergence of the cloud, your data may not even be on the inside anymore. And “insiders” with access to your data increasingly include third parties who don’t work for your organization at all.DATA IS MORE DEFENSELESS THAN EVER
We are now able to access our data from nearly anywhere in the world. This is a landmark achievement for business. But it also opens up far more vulnerabilities for malicious parties to steal or compromise sensitive information: in the cloud, in data warehouses, over enterprise systems, with privileged credentials (either compromised or legitimately-obtained).
Data’s lack of any natural defenses wasn’t a cause for serious concern when strong perimeter barriers were enough to defend it, but things have changed. Like a mighty fortress overgrown by roots and vines, older models of defense are now untenable. Laws passed by governments to protect personal information and intellectual property through compliance requirements are a start, but it is not enough—especially for businesses operating globally.
Vormetric Insider Threat Report
Recently, Vormetric and The Enterprise Strategy Group (ESG, Inc.) surveyed over 700 IT decision-makers about issues concerning insider threats and privileged users. There are some revealing responses:
• 73% of organizations fail to block privileged user access
• 54% believe insider threats are now more difficult to prevent than in 2011
• 46% believe they’re vulnerable to insider attacks despite current precautions • A mere 24% detect anomalous data access in real time
The growing challenges of shielding data from sophisticated threats are weighing on the minds of IT professionals and C-level leadership alike— and making Vormetric’s data security solution more relevant than ever.
THE GAME OF
DATA DEFENSE
My concern with encryption was the overhead on user and application performance. With Vormetric, people have no idea it’s even running. Vormetric Encryption also saved us at least nine months of application rewrite effort, and its installation was one of the easiest we’ve ever experienced.
DATA DEFENSE
OVER 1,400 GLOBAL
CUSTOMERS TRUST
Since data has no natural defenses—it can’t fly away, armor up, or
burrow down—it requires protection that’s as close to it as possible.
This is precisely what Vormetric provides.
Trusted by businesses and governments for over a decade, Vormetric’s data-centric security architecture is currently busy securing the data of over 1,400 global customers—including 17 of the Fortune 30.
Vormetric addresses industry compliance mandates and government regulations globally by securing data in traditional on-premise, virtual, Cloud and Big Data infrastructures, through:
Access Policies and Privileged User Control
Fine-grained control to determine who can access specific data in
order to block privileged users such as root as well as Advanced Persistent Threats (APTs).
Data Encryption and Centralized Key Management
Lock down data using strong industry approved algorithms coupled with a security appliance for key and policy management.
Security Intelligence
Compliance reports and continuous monitoring provide visibility and sophisticated analytics on access to sensitive data.
HEAVY-DUTY SECURITY THAT’S LIGHT ON ITS FEET
THE VORMETRIC
DATA SECURITY
PLATFORM
The Vormetric Data Security Platform consists of product offerings that share a common, extensible
implementation infrastructure. This enables simplified management and implementation delivering
protection on multiple data security fronts.
Working simultaneously across all environments—physical, virtual and cloud—it’s a platform that can be centrally managed. It’s also transparent to users and applications, enabling you to protect structured, unstructured and big-data environments.
Certificate Storage Privileged User Access Control SIEM Integration Security Intelligence Collection Application- Layer Unstructured Files Structured Databases Big Data Cloud TDE Key Management KMIP Compliant Keys Vormetric Data Security Manager
What really sets the Vormetric Data Security Platform apart is the ability to keep your distributed data
safe and your business operations running smoothly with centralized control.
SECURING DATA WHERE IT LIVES
By combining encryption at the file system with integrated key management, Vormetric Transparent Encryption protects and controls access to sensitive data in your Cloud, Big Data, database, and file servers—now and in the future. This is accomplished with no changes to your applications and without altering your infrastructure or business practices.
Vormetric Application Encryption enables organizations to design and embed security directly into their applications when necessary. With this solution the data is secured from the application, through transmission, and into storage.
Whether you are using Vormetric Transparent Encryption or Vormetric Application Encryption, you will be able to centrally manage access policies for privileged user control, data encryption, key management, and collect security intelligence for use in
reporting and anomaly detection.
DETECTING THREATS AND ISSUING ALERTS
Vormetric understands that protecting your data is good, but not good enough; you need awareness of who and what’s accessing your private and confidential data, including privileged users masquerading as other users. Every time someone attempts to access a resource under Vormetric’s protection, rich logs of who, when, where, which policies applied, and the resulting action can be generated.
MANAGING USER ACCESS
63% of IT decision-makers feel vulnerable to abuses of privileged access rights. That’s a disturbing number. It’s also why Vormetric can make sensitive data invisible to unauthorized users, including privileged users. Users may require unrestricted access to the system to do their work, but they don’t need to see the data itself. With Vormetric, you can manage their access just like you’d do with any other users, permitting them to access and view only the data they need to do their jobs.
Vormetric’s data-centric architecture places the safeguards and access con-trols at the absolute optimal position: with the data, irrespective of where it is located across our whole environment. Praveen Sharabu
The race to innovate in the cloud and with Big Data opens up
unprecedented risk. For the cloud, you not only have to trust your
own administrators, but also those of your cloud provider. As a
result, insider attacks are no longer limited to the inside.
Big Data consolidates a rich set of analytics and information which brings along with it new risks and compliance concerns. Fortunately, Vormetric can apply the same controls used in traditional environments to ensure that only authorized users can view sensitive information in cloud and Big Data environments.
The Vormetric Data Security Platform secures and controls your data, no matter whose Cloud or Big Data solution you are using. You can control who can access the data, anywhere it lives, and see who’s attempting to do so. In the event of suspected intrusion or compromise, you retain the ability to digitally shred your information by revoking keys that only you control.
DEFENSE THAT EXTENDS
TO THE CLOUD
AND BIG DATA
A POWERFUL NETWORK OF ALLIES
The Vormetric partner ecosystem is a collection of value-added resellers, OEM partners, technology and cloud service provider partners that bring confidence to any Vormetric deployment. Drawing on their many resources gives Vormetric global reach and gives you ease of access and a fully supported infrastructure for data security and compliance.
• Vormetric’s reseller, distribution and OEM partners (including IBM and Symantec) are highly trained in designing and delivering data protection solutions.
• Technology partners like Cloudera, CouchBase, DataStax, HP, Imperva, LogRhythm, MongoDB, and Splunk have proven interoperability and integration solutions deployed for enterprise customers.
• Members of Vormetric’s Cloud Partner program (including Cirrity, CloudHesive, Compushare, Firehost, GNAX, Google, and Microsoft Azure) deliver best-in-class data security services to their customers through the delivery or support of the Vormetric Data Security Platform.
Organizations have increasingly adopted Rackspace as their provider of choice for enterprise class cloud and hosting solutions. With Vormetric, we’ve added new capabilities to extend data security practices to our customer implementations across our managed cloud platform.
John Engates CTO
REPORTS FROM THE FRONTLINE
With Vormetric, there is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy, and it has always performed flawlessly.
Christian Muus Director of Security
Teleperformance EMEA
Vormetric Data Security provides us with a high degree of control over how data is encrypted. For Empyrean the biggest benefit is it enables us to offer a secure cloud solution that sets us apart from our competition because of its data-centric approach to security.
Rick Miller
Vice President of Information Technology
Empyrean Benefit Solutions, Inc.
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data.
Audley Dean
Senior Director of Information Security
BMC Software
Vormetric has put us in the fantastic position of being able to support any encryption deployment model and any data, application and platform combinations that our clients want to use.
Pete Nicoletti CISO
PUT VORMETRIC TO WORK FOR YOU
To learn more about how Vormetric can protect your valuable data where it matters, visit Vormetric.com or contact us at info@vormetric.com.
Global Headquarters 2545 N. 1st Street, San Jose, CA 95131 Tel: +1.888.267.3732 Fax: +1.408.844.8638 www.vormetric.com
EMEA Headquarters 200 Brook Drive Green Park, Reading, RG2 6UB United Kingdom Tel: +44.118.949.7711 Fax: +44.118.949.7001 APAC Headquarters 27F, Trade Tower, 159-1 Samsung-dong, Gangnam-gu, Seoul. (135-729) Tel: +82.2.6007.2662