Vormetric Big Data and Cloud Security

Vormetric Blog

Subscribe to Vormetric Blog: eMailAlertsEmail Alerts
Get Vormetric Blog: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Security Journal, Secure Cloud Computing, Security

Blog Feed Post

Full Disk Encryption Is Physical Security By @Vormetric | @CloudExpo [#Cloud]

For a laptop that is moved around from office to home or out on a business trip full disk encryption should be standard

Full Disk Encryption Is Physical Security, Not IT Security

What threats are you trying to mitigate with full disk encryption? For a laptop that is moved around from office to home or out on a business trip full disk encryption should be standard. You need to protect that asset in the event of theft or loss of the device. It’s a great physical security. When properly implemented full disk encryption will render any information stored on that device useless. That’s great for a laptop, but what about your data center?

ClickToTweet: Full Disk Encryption – Physical Security, Not IT Security #DefenderOfData http://bit.ly/1zXGHpO

How much risk do you have of someone stealing disks from your datacenter? Take the average life span of a hard drive. The enterprise class hard drive is designed to last a minimum of 5 years. During that 5 years a SAN or NAS filled with hard disks is expected to have at least 99.999 percent uptime or better. So if you take the same approach to securing data in your datacenter as you did with your laptop, what risk have you really mitigated? None. 99.999% of the time, as that disk is up and running in the datacenter you have provided ZERO additional protection for your data. Just because it says encryption on the label does not mean security.

Can you name a single major breach in recent years that was a result of someone stealing a server or a hard drive, or a drive that was lost from a datacenter in shipping? If it’s happened, it certainly wasn’t reported in the media and wasn’t a significant impact. So where does that leave you for securing data in your back office? When you look at encryption for the data center seriously consider when and how it’s applied. Look for a solution that can mitigate risks to that data while the data is available in the datacenter. Your solution should:

  • Block out unauthorized users – this should include root/admin users
  • Lock out unauthorized processes
  • Implement quickly – not require significant re-architecture or re-design on your applications
  • Work with 3rd party applications where you cannot change the data structure or code

Vormetric is a market leader because of the options you have in applying controls to that data in multiple different ways. You can encrypt you sensitive data in storage for your databases as well as your unstructured data without making any changes to the app or database. Vormetric applies additional controls to that encrypted data to lock it down so only specific users and approved processes have access to the data. This additional level of security for your data can lock the data down and remove the threat of an admin or root account being compromised, or malware trying to access the data at rest on your most critical systems.

The post Full disk encryption is Physical Security, not IT Security appeared first on Data Security Blog | Vormetric.

Read the original blog entry...

More Stories By Vormetric Blog

Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, big data and cloud environments. Data is the new currency and Vormetric helps over 1400 customers, including 17 of the Fortune 30 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters — their sensitive data — from both internal and external threats. The company’s scalable Vormetric Data Security Platform protects any file, any database and any application’s data —anywhere it resides — with a high performance, market-leading data security platform that incorporates application transparent encryption, privileged user access controls, automation and security intelligence.