Critical Data Security and Protection in Virtualized Machines
When you’re running sensitive data in fluid virtual machines, a lot can change—including the location of a given asset, the underlying physical server, and more. However, critical demands don’t change: sensitive assets need to be secured at all times. To address security policies and compliance mandates in virtualized machines, robust, persistent, and auditable controls need to be applied.
Vormetric Transparent Encryption delivers the virtual server security capabilities you need to safeguard your sensitive assets. Whether you’re running VMware, Microsoft Hyper-V, KVM (Kernel-based Virtual Machine), or any other standard virtualization platform, Vormetric can help you address your critical security compliance requirements, with unparalleled efficiency and low cost of ownership. Vormetric Transparent Encryption delivers these security capabilities for virtual server protection:
- Data-at-rest encryption. Vormetric enables you to encrypt data at the file system or volume level within virtual machines (VMs) and then use fine-grained, centrally managed policies to control access to protected data. As a result, you can enforce security policies and track access, no matter where data is copied or moved.
- Granular access controls. Vormetric Transparent Encryption provides fine-grained, policy-based access controls that restrict access to encrypted data. Privileged users—whether cloud, virtualization, or storage administrators—can manage systems, without gaining access to encrypted data, unless they have expressly been granted permissions to do so.
- Detailed security intelligence. Vormetric logs capture all access attempts to protected data. These security intelligence logs can accelerate detection of advance persistent threats (APTs) and insider abuse because they offer visibility into file access. Further, these logs provide vital intelligence needed to track and demonstrate security compliance.
Example of Vormetric Transparent Encryption protecting virtual machine data
In addition, Vormetric Application Encryption can be used to add encryption capabilities to existing applications. With Vormetric Application Encryption, specific columns in a database, such as social security numbers or credit card numbers, can be encrypted.
- Automation. For fast rollouts and integration within virtualized machines, both web and command-line level APIs provide access to the Vormetric Data Security environment for policy management, deployment, and monitoring.
- Multi-tenancy. By delivering capabilities for segregating security management domains, Vormetric helps organizations address internal security policies and compliance mandates. Further, these security capabilities enable service providers to establish strong boundaries between customer environments, while still leveraging centralized visibility and control of security policies and activities.
- Flexible, central administration. Vormetric Transparent Encryption offers support for implementation in a range of Linux and Windows operating systems. All policy and encryption key administration is done through the Vormetric Data Security Manager, which can be deployed as a physical appliance or virtualized service, and either on or off premise, according to your objectives and environments.
- Complete data protection. Vormetric Transparent Encryption is part of the Vormetric Data Security Platform, a comprehensive encryption security solution that makes it simple to secure all your organization’s sensitive data, whether it resides in virtualized, physical, big data, or cloud environments.