Vormetric Data Security Platform

Product Overview

The Vormetric Data Security Platform consists of data protection product offerings that share a common, extensible implementation infrastructure for delivering data at rest encryption, enterprise key management, access control and security intelligence across the enterprise. Vormetric makes it simple to solve today’s and future security and compliance concerns by simultaneously defending data in databases, files and Big Data nodes across cloud, virtual or traditional infrastructures. The data security platform products are centrally managed, making it easy to extend data security protection and satisfying compliance requirements across the entire enterprise, over time, without adding new hardware or increasing operational burdens.

Data Security Platform Products

Defending Data Where It Lives

By combining encryption at the file system level with integrated key and policy management, Vormetric Transparent Encryption protects and controls access to sensitive data in your Cloud, Big Data, database, and file servers. After protecting your sensitive data, least privileged access policies are enforced, preventing privileged insiders and APTs from accessing your data. Because this is “transparent” encryption, there are no changes required to your applications, infrastructure or business practices. Your users will never even know that the sensitive data that they were accessing is now secure, unless they tried to access it in an unauthorized fashion!

Defending Data Where It Begins

Vormetric Application Encryption enables organizations to design and embed encryption capabilities directly into their applications, when necessary. With this data security protection product, the data is protected from the application, through transmission, and into storage. Most commonly, deploying this data security protection product is to meet specific compliance requirements or to take specific data out of compliance scope. Vormetric removes the complexity and risk of building encryption into an application by providing libraries for NIST approved AES encryption and simplifying key management with the Data Security Manager.

Simplify and Centralizing Enterprise Key Management

A common data security challenge is how to manage and maintain all the different key and certificate management solutions. Vormetric Key Management delivers centralized control of the most common encryption key management requirements in order to reduce the on-going management and maintenance burden of multiple solutions. Vormetric Key Management not only manages the keys and policies for the Vormetric data security protection products, but it is also a KMIP server, manages keys for Oracle and Microsoft SQL Server Transparent Data Encryption (TDE), handles certificate inventory and can securely store any object, such as passwords. The Vormetric Key Management solution offers an intuitive web based interface and APIs. It is typically deployed in an architecture to meet the most demanding high-availability SLAs.

Detecting Threats and Issuing Alerts

Vormetric understands that protecting your data is good, but not good enough; you need awareness of who and what’s accessing your private and confidential data, including privileged users masquerading as other users. Every time someone attempts to access a resource under Vormetric’s protection, rich logs of whom, when, where, which policies applied, and the resulting action can be generated. Because sifting through the rich granular data of Vormetric’s event logs can be time consuming, Vormetric integrates with leading SIEM (Security Information and Event Management) systems, including HP ArcSight, Splunk, IBM QRadar and LogRhythm, adding to their value with new inside-the-fence security intelligence and awareness. With pre-defined reports and visualizations, you’ll be better able to pinpoint which events are worth further investigation.

Compliance, Regulations and Contractual Mandates

Vormetric addresses industry compliance mandates, global government regulations and contractual mandates by securing data in traditional on-premise, virtual, Cloud and Big Data infrastructures, through:

  • Data at Rest encryption and centralized enterprise key management to lock down data using strong industry approved algorithms coupled with a virtual or physical FIPS 140-2 Level 3 certified appliance for key and policy management.
  • Simplify the creation and consistent enforcement of data access and privileged user control policies. Fine-grained control to determine whom can access specific data in order to block privileged users, such as root, as well as preventing Advanced Persistent Threats (APTs) from gaining access to protected data.
  • Vormetric Security Intelligence delivers the fine-grained details of data access required to prove compliance to auditors. In addition, leveraging Vormetric Security Intelligence connectors and reports for popular SIEM tools simplifies integration and analysis.

ARCHITECTURE WHITEPAPER

Vormetric Data Security Architecture

Vormetric Data Security Architecture

A comprehensive architecture for data-centric security leveraging encryption, access controls and security intelligence across physical, virtual and traditional environments.   Download

 

ANALYST REPORT

2013 Vormetric Insider Threat Report

Analyst Report

73% of Organizations Fail to Block Privileged User Access. This report was administered by The Enterprise Strategy Group (ESG).   Download