Data Security

Thales announces new security-as-a-service for centralized control of encryption keys used for Microsoft Azure and AWS

Grazed from Thales

Thales, a leader in critical information systems, cybersecurity and data security, announces CipherTrust Cloud Key Manager for support of Microsoft Azure Key Vault and Amazon Web Services (AWS) Key Management Service (KMS) bring your own key (BYOK) capabilities. The solution allows users of these dominant public cloud solutions to meet compliance mandates and further protect their most sensitive data by creating and managing encryption keys separate from their cloud provider's infrastructure.

To help save time and money, a growing number of enterprises are eschewing legacy technologies in favor of cloud and SaaS environments. While these technologies are digitally transforming businesses, they present challenges: enterprise data is fair game for cybercriminals regardless of operating environments, and meeting compliance and best practices requirements isn't always straightforward. In response, enterprises are developing encryption strategies to better protect and control their data. While effective, this presents a new hurdle; when considering that many enterprises utilize multiple cloud providers, the management of encryption keys can prove difficult.

Thales CipherTrust Cloud Key Manager offers a number of benefits to help enterprises control and secure encryption keys in multi-cloud environments, including:

Skyhigh Targets Cloud Adoption Challenges With Three Breakthrough Cloud-Native Data Security Innovations

Grazed from Skyhigh

At the company's first-ever livestreamed Cloud-Native Data Security Summit at 10 a.m. PDT today, Skyhigh, the cloud security company, will unveil three innovations that enable organizations to protect data in the cloud. These new breakthroughs aims to solve unique security challenges that the scale, speed and user-centric nature of the cloud present, and thus enable organizations to leverage the power of cloud to accelerate their businesses.

Data is an organization's most valuable asset. As organizations strive to identify, control and protect data in the cloud, and a world in which traditional network-centric security technologies become less relevant, they must reframe their security strategy to focus on securing data natively in the cloud. This is the foundational premise of Skyhigh's Cloud-Native Data Security (CNDS) framework.

"Today, we are in the age of cloud. And within the persistent ebb-and-flow of information, security needs to empower IT to provide data protection without disrupting the breakneck speed of modern business," said Mauro Loda, Chief Cloud Security Architect, DuPont. "With a CNDS approach, we can enforce security policies like data loss prevention (DLP), rights management, data classification, threat protection and encryption through a single security platform designed in the cloud, for the cloud."

PhoenixNAP to Launch Data Security Cloud in Collaboration with VMware

Grazed from PhoenixNAP

PhoenixNAP, a global IT services provider offering cloud, bare-metal dedicated server, colocation, and Infrastructure-as-a-Service (IaaS) solutions, today announced the upcoming launch of its Data Security Cloud - a new cloud security platform architected on the latest VMware technologies. PhoenixNAP's Data Security Cloud will address growing security concerns for businesses of all sizes and across industries, including those with heavy compliance and security demands to protect their workloads in the cloud.

According to reports, more than 90 percent of traffic resides within the data center, where perimeter security protections do not inspect the traffic*, and the average data center experiences two successful attacks per day**. The problem is growing quickly as almost two billion data records around the world were lost or stolen during 918 different cyberattacks in the first half of 2017, an increase of 164 percent over the same period last year. The toll on businesses is significant: two-thirds of firms breached had their share price negatively impacted with a cost to shareholders of over $52.40 billion. Today the question for business and security leaders is not if there will be a breach but when and how to contain the impact.

WinMagic Enters Amazon Web Services (AWS) Marketplace With SecureDoc CloudVM

Grazed from WinMagic

In its mission to secure the agility and flexibility of cloud computing environments, today WinMagic announced the immediate availability of SecureDoc CloudVM in the Amazon Web Services Marketplace. WinMagic, an award-winning encryption and intelligent key management security solution provider, is now featured on the Marketplace's Software Infrastructure + Security category, bringing key management, volume and full disk encryption for customers operating on AWS cloud computing infrastructure. By combining WinMagic's SecureDoc CloudVM data security solution with the agility and elasticity of AWS public cloud services, enterprises can focus on driving business value, rather than trying to manage multiple security solutions.

"With over 1 Million active enterprise customers, Amazon Web Services' Marketplace provides a channel with near endless opportunity for WinMagic," states James LaPalme, VP of Cloud Solutions, WinMagic. "These enterprises have moved to the cloud to harness their greater need for agility, security, and efficiency. SecureDoc CloudVM provides customers greater control and certainty over their data security with an intelligent enterprise-controlled, Cloud-agnostic key management & encryption solution, protecting their sensitive data, no matter where it resides -- helping ensure enterprises realize Cloud benefits to their full potential."

Data Security Guidance for Small Businesses

With high profile cyber attacks occurring on a regular basis, people who run small businesses are becoming increasingly concerned about their data security processes. For regulated businesses, there is a requirement to provide evidence that the company complies with the minimum requirements. For small businesses that don't have the same level of scrutiny as the larger, highly regulated businesses it can be harder to find support and guidance on responsibilities. 

However, businesses of all sizes must start paying more attention to the threat of cyber attacks, given that the type of businesses that criminals are targeting varies from a small start-up business to a global company that is a household name. Recently we have seen numerous cyber attacks hitting the news headlines, such as payday loan company Wonga who was subjected to an attack, leaving 245,000 customers affected. 

Datrium Introduces Industry-First Blanket Encryption for Private Clouds

Grazed from Datrium

Datrium, the leading provider of Open Convergence for cloud builders, today announced Datrium Blanket Encryption, an industry-first software product that combines always-on efficient deduplication and compression technology with high-speed, end-to-end encryption: in use at the host, in flight across the network and at rest on persistent storage.

The number of breaches within the US have quadrupled from 2005 to 2015, and the year 2016 accounted for seven of the ten biggest data breaches ever. With threats rising, the requirement to encrypt data everywhere - from host-to-storage, between hosts, and between sites - is becoming standard. However, leading storage arrays and hyper-converged systems only protect data at rest and do not protect against host or network intrusions. Guest operating systems and hypervisors offer encryption at the source, but at the expense of data reduction required by the economics of modern flash storage.

Security and Economics Without Compromise
Datrium offers a fundamentally new and comprehensive approach.  By deduplicating and compressing data, then encrypting while it is still in the application host's memory (RAM), Datrium Blanket Encryption can then move data across hosts, networks and storage that is always encrypted and efficient. 

mLab Announces Encryption-at-Rest for Hosted MongoDB Databases

Grazed from mLab

mLab, the fully managed cloud Database-as-a-Service (DBaaS) for MongoDB, today announced that the platform’s most popular plans now include encryption-at-rest. This additional, opt-in data security measure will be available for customers at no additional cost.

mLab is making encryption-at-rest available to its Database-as-a-Service customers on Dedicated Standard and High Storage plans, covering deployments across both Amazon Web Services and Google Cloud Platform. Already offering customers in-flight encryption via SSL to secure data transmission over networks, encryption-at-rest furthers mLab’s commitment to enterprise security by encrypting data on disks and wherever backups are stored. The feature is designed so that there will be minimal performance impact on the database.
 

SaberLogic Releases New SaaS Product to Provide Secure Mobile Access to Enterprise Data

Grazed from SaberLogic

SaberLogic has released Bezlio, a new SaaS product that makes it easy for companies to provide data from sources like ERP and accounting systems to any PC or device, including mobile devices like smartphones (iPhone and Android) and tablets. The software uses a unique process of transferring data securely without opening any holes in the firewall or storing any information in the cloud. 

How It Works

Bezlio uses a secure, token-based system through an encrypted cloud-based communication network to connect the data that sits behind your firewall, inside of your private network, with any trusted mobile device across the Internet.  Administrators can control which users are permitted to connect and the data they can read and edit. 

HyTrust Cloud Survey Finds Enterprises Are Rapidly Embracing Multi-Cloud Strategies, Slacking on Data Encryption and Security

Grazed from HyTrust

Today, HyTrust Inc., a leading workload security provider, announced findings from its latest cloud survey conducted at VMworld 2016, in Las Vegas. The survey of over 400 respondents assesses the current use of public cloud vendors, the industry shift to utilizing a multi-cloud model, and how enterprises are protecting data in these cloud environments.

The results, which highlight enterprise preferences for key public cloud providers including Amazon Web Services (AWS), Microsoft Azure, IBM Cloud, and VMware's vCloud Air, also found that more than a quarter of organizations deploying data, applications, and workloads to public cloud ecosystems are not using any form of encryption, leaving sensitive data vulnerable to breaches. As we see more and more enterprises move critical data to multiple clouds, the lack of data security and encryption is not only counter to security being named the leading concern, but it may become even more of an issue with broader negative consequences.

Don't Rush Into Containers Without a Security Strategy - Join this Beta Program

Written by Fei Huang, Founder & CEO of NeuVector

NeuVector's Container Security Solution - Join Beta Program

There are many benefits of containers which are driving the popularity of container platforms like Docker.

It is easy to forget that container deployments are fairly new and the threats unknown. Like virtualization did, containers will bring a new set of risks, threats, and vulnerabilities to be assessed and mitigated. Lock

At NeuVector we're developing a run-time container security solution which protects running containers where and when they are most at risk - at run-time. In a nutshell, without giving away too many secrets, NeuVector will: