The Vormetric Data Security Platform consists of data protection product offerings that share a common, extensible implementation infrastructure for delivering data at rest encryption, enterprise key management, access control and security intelligence across the enterprise. Vormetric makes it simple to solve today’s and future security and compliance concerns by simultaneously defending data in databases, files and Big Data nodes across cloud, virtual or traditional infrastructures. The data security platform products are centrally managed, making it easy to extend data security protection and satisfying compliance requirements across the entire enterprise, over time, without adding new hardware or increasing operational burdens.
By combining encryption at the file system level with integrated key and policy management, Vormetric Transparent Encryption protects and controls access to sensitive data in your Cloud, Big Data, database, and file servers. After protecting your sensitive data, least privileged access policies are enforced, preventing privileged insiders and APTs from accessing your data. Because this is “transparent” encryption, there are no changes required to your applications, infrastructure or business practices. Your users will never even know that the sensitive data that they were accessing is now secure, unless they tried to access it in an unauthorized fashion!
Vormetric Application Encryption enables organizations to design and embed encryption capabilities directly into their applications, when necessary. With this data security protection product, the data is protected from the application, through transmission, and into storage. Most commonly, deploying this data security protection product is to meet specific compliance requirements or to take specific data out of compliance scope. Vormetric removes the complexity and risk of building encryption into an application by providing libraries for NIST approved AES encryption and simplifying key management with the Data Security Manager.
A common data security challenge is how to manage and maintain all the different key and certificate management solutions. Vormetric Key Management delivers centralized control of the most common encryption key management requirements in order to reduce the on-going management and maintenance burden of multiple solutions. Vormetric Key Management not only manages the keys and policies for the Vormetric data security protection products, but it is also a KMIP server, manages keys for Oracle and Microsoft SQL Server Transparent Data Encryption (TDE), handles certificate inventory and can securely store any object, such as passwords. The Vormetric Key Management solution offers an intuitive web based interface and APIs. It is typically deployed in an architecture to meet the most demanding high-availability SLAs.
Vormetric understands that protecting your data is good, but not good enough; you need awareness of who and what’s accessing your private and confidential data, including privileged users masquerading as other users. Every time someone attempts to access a resource under Vormetric’s protection, rich logs of whom, when, where, which policies applied, and the resulting action can be generated. Because sifting through the rich granular data of Vormetric’s event logs can be time consuming, Vormetric integrates with leading SIEM (Security Information and Event Management) systems, including HP ArcSight, Splunk, IBM QRadar and LogRhythm, adding to their value with new inside-the-fence security intelligence and awareness. With pre-defined reports and visualizations, you’ll be better able to pinpoint which events are worth further investigation.
Vormetric addresses industry compliance mandates, global government regulations and contractual mandates by securing data in traditional on-premise, virtual, Cloud and Big Data infrastructures, through: