SECURING DATA IN NAS ENVIRONMENTS

Vormetric Data Security Use Cases

The Security Imperative in NAS Environments

Within today’s organizations, network-attached storage (NAS) environments represent massively expanding collections of data—including virtually any sensitive, proprietary, and regulated assets the business accumulates.

Too often, these vital repositories remain exposed. While many NAS vendors offer self-encrypting drives, these alternatives only offer safeguards at the physical level. In other words, they can help eliminate the exposure associated with a lost or stolen hard drive, but they offer no protections against malicious administrators, compromised credentials, advanced persistent threat (APT) attacks, and more.

The Solution: The Vormetric Data Security Platform

With the Vormetric Data Security Platform, your organization can institute strong, comprehensive protections around the sensitive assets that are stored in your NAS environments. The Vormetric Data Security Platform features these offerings:

  • Vormetric Transparent Encryption. This product provides file system-level high-performance encryption and least-privileged user access controls for files, directories, and volumes. Vormetric Transparent Encryption offers the capabilities you need to employ strong encryption, with minimal effort and performance implications. With Vormetric Transparent Encryption, you can secure sensitive assets in your databases, before they are ever saved to your NAS environments.
  • Vormetric Application Encryption. Vormetric Application Encryption simplifies the integration of encryption into existing corporate applications. The solution enables fields and columns in databases that contain sensitive data to be encrypted, so they can be secured before they are written to the NAS environment. The product features standard-based APIs, which are used to perform cryptographic and key management operations.
  • Vormetric Security Intelligence. With the Vormetric Data Security Platform, all attempts to access protected data are logged. Vormetric Security Intelligence can deliver granular file access logs to popular security information and event management (SIEM) systems. These security intelligence logs can accelerate detection of advance persistent threats (APTs) and insider abuse because they offer visibility into file access. Further, these logs provide vital intelligence needed to track and demonstrate compliance.

Vormetric for NAS Environments: Key Features

The Vormetric Data Security Platform delivers these key capabilities:

  • Strong separation of duties. With the Vormetric Data Security Platform, administrators can create a strong separation of duties between privileged administrators and data owners. The Vormetric Data Security Platform encrypts files, while leaving their metadata in the clear. In this way, NAS administrators can perform their system administration tasks, without being able to gain access to the sensitive data residing on the systems they manage.
  • Physical safeguards. The Vormetric Data Security Platform provides comprehensive protection of encrypted data, even if a hard drive should be stolen from the data center or improperly disposed of after failure. No matter who gains access to the drives, they won’t be able to decrypt and use the data in the clear.
  • Digital shredding. All a security team has to do is delete a key, and they can ensure that any data encrypted using that key will effectively be digitally shredded, and never be accessed in the clear.

WEBCAST

Database Security: Don’t Forget to Lock the Back Door

Database Security: Don’t Forget to Lock the Back Door

Would you ever consider leaving your house for the day without locking your door?

Watch Now >>

SOLUTION BRIEFS

Vormetric Security Solutions

Security Solutions for EMC Isilon Scale-Out NAS

Security Solutions for EMC Isilon Scale-Out NAS

Download >>

RELATED QUOTE

 With commercial tools, such as Vormetric, you can actually give certain people certain access without root-level privileges. You can encrypt your data in storage to set up roles of who actually gets to see the data. The admins can do their jobs, and they don’t get access to any data files. 

Robert Bigman,
Former CISO at the CIA
GovInfoSecurity – June 21, 2013

 I've been a systems engineer, systems administrator … When you're in positions of privileged access like a systems administrator for the intelligence community, you're exposed to a lot more information on a broader scale than the average employee. 

Edward Snowden
Former infrastructure analyst
at the NSA – June 2013

SOLUTION BRIEFS

Encryption Architecture

Safeguarding Data with Privileged User Access Controls

Download >>

The Vormetric Digital Digest on Data Security

Customer and Partner Success

  • Rackspace Cloud Partners
  • McKesson
  • AWS
  • Google Compute Engine
  • Microsoft
  • IBM
  • CenturyLink
  • QTS
  • Teleperformance Secures
  • Delta Dental