Gemalto Safenet Solution for Cloud Data Security
Click Here to jump to pricing!
Overview:
Data Protection for the Cloud
Cloud and virtualization gives you agility and efficiency to instantly roll out new services and expand your infrastructure. But the lack of physical control, or defined entrance and egress points, bring a whole host of cloud data security issues – data co-mingling, privileged user abuse, snapshots and backups, data deletion, data leakage, geographic regulatory requirements, cloud super-admins, and many more.
Fortunately, Gemalto's proven SafeNet two-factor authentication, encryption, and enterprise key management solutions turn any cloud environment into a trusted and compliant environment by solving the critical challenges of data governance, control, and ownership - no matter where you store your data.
Security Wherever You Need It
Cloud Data Security Challenges We Address:
Data Replication & Lack of Visibility
Snapshots and backups are taken daily, or even hourly, and automatically stored in the cloud. Do you know where they’ve been stored, or who can move and copy them? Can you trace unauthorized copying of data?
New Class of Privileged Users
Virtualization and cloud computing require cooperation between security, storage, server, application, and cloud security admins – all with access to your most sensitive data. With this number of people, the risks of failing an audit, or an admin going rogue, grow exponentially.
Data Loss from a Breach
In minutes, a disgruntled employee can load an entire virtual machine onto a thumb drive. Virtual data is easily lost or exposed as it moves between VMs or in the cloud. Can you prove that authorized users are accessing your data within their defined policies? Can you block access to compromised information?
Security in Public Cloud Environments
SafeNet identity and data protection solutions help organizations that want to utilize Amazon Web Services, Microsoft Azure, IBM Softlayer, and VMware public cloud environments as well as applications developed on the Cloud Foundry platform.
"Gemalto SafeNet ProtectV is a complete, well-designed solution that runs seamlessly in AWS environments. ProtectV gives us a robust, well-defined process for protecting data, so we can effectively retain the control we need over our sensitive information, harnessing the business benefits of AWS cloud offerings securely."
- Marcus Fritsche, CTO, Informa Group IT
Cloud Encryption and Authentication Solutions
Gemalto has developed a comprehensive set of cloud security solutions so that businesses can enjoy the full benefits of cloud computing while maintaining control in virtual environments. Our SafeNet solutions provide a data-centric approach, and allow for the expansion of the existing cloud computing security. The end result: a seamless and secure cloud deployment.
Cloud and Virtual Data Center Migration
More and more organizations are optimizing their environments by moving workloads to virtual machines (VMs) and the cloud. But many people hold on to the idea that virtualization isn’t a viable option because of the highly sensitive data they need to store and manage. On the contrary, with the right security mechanisms, any organization can migrate high-value data to the cloud or virtual data center.
How SafeNet Solutions Help:
- Cloud Migration Solutions: Prepare for cloud computing by securing your data center.
- Virtual Data Center Security: Encrypt and secure the entire contents of your virtual machines, protecting sensitive assets from theft or exposure.
Encryption for Sensitive Data in the Cloud
Gemalto offers a complete ecosystem of SafeNet security solutions that combine persistent protection, flexible encryption, identity protection, and secure communications. With these capabilities, Gemalto customers gain complete control over how data is isolated, protected and shared – even in multi-tenant cloud environments.
How SafeNet Solutions Help:
- SafeNet ProtectV: Unify encryption and control across virtualized and cloud environments, improving your business agility and lowering your costs.
- SafeNet KeySecure: Centralizes the management of encryption keys used for the protection of sensitive data in virtualized and cloud environments.
- SafeNet ProtectFile: Encrypt unstructured data and control access to sensitive folders and files.
- SafeNet ProtectDB: Database encryption for the sensitive corporate and customer information stored in databases in the cloud.
Secure Cloud-Based Applications
While the migration of applications to Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) enables dramatic savings for the company as well as improved access for users, this means that there is sensitive data in an environment that is not owned or under the control of the company. Without active protection of the applications, the potential risks associated with the loss of control and trust are significant.
How SafeNet Solutions Help:
- SafeNet ProtectApp: An application encryption solution deployed in combination with SafeNet KeySecure that supports a broad range of the most widely used Web application servers and enterprise applications – including those hosted on virtual machines and in the cloud.
- SaaS Security: Protect access to cloud-based applications via centrally-managed strong authentication.
Gemalto's Cloud-Delivered "As-a-Service" Offerings
Gemalto's cloud-delivered SafeNet authentication and encryption solutions give organizations the means to improve responsiveness while protecting the sensitive data being accessed and created by users from an increasing amount and variety of endpoints.
How SafeNet Solutions Help:
- Authentication-as-a-Service: Enables organizations to apply strong authentication onto multiple endpoints and address access control vulnerabilities.
- Cryptography-as-a-Service: IT departments can now deliver on-demand, elastic crypto services for data protection via cloud environments. Establish a pool of pre-configured hardware security module (HSM) resources, and provide those resources to the teams that need them with SafeNet Crypto Command Center.
Secure Cryptographic Keys in the Cloud
The virtualized nature of the cloud removes many of the control points that have traditionally helped protect sensitive information stored in-house. Administrators should have key managent controls in place to ensure that they are the only ones with control of that data's cryptographic keys – especially when that data resides in the cloud.
How SafeNet Solutions Help:
- SafeNet Hardware Security Modules (HSMs) provide FIPS and Common Criteria-certified storage of cryptographic keys, centralized key and policy management, sophisticated encryption, and a wide range of other control features that form the basis for secure, compliant cloud data operations.
- SafeNet KeySecure: Centralizes the management of encryption keys used for the protection of sensitive data in virtualized and cloud environments.
Securely Transmit Data to and from the Cloud
Organizations using a mix of on-site data centers and cloud storage must ensure high-speed, low-latency, and – above all – secure communication between these environments. With SafeNet high-speed encryptors, companies can secure communications over all cloud-based and internally hosted sites, increase productivity, lower costs, and improve organizational flexibility.
SaaS Security: Cloud Access Control:
Protect access to cloud-based applications via centrally-managed authentication
Cloud Access Control for SaaS Applications
When data and applications move to the cloud, user access—by default —takes place remotely. Organizations therefore have to implement user access controls for enterprise resources residing both in the cloud and within the confines of the data center. With enterprise security perimeters becoming increasingly blurry, organizations are having difficulty affording, implementing and managing consistent, unified access policies to distributed IT resources.
Secure Cloud Access from Gemalto
Gemalto’s SafeNet Authentication Solutions overcome these challenges by allowing organizations to seamlessly extend secure access to the cloud through identity federation. SafeNet authentication platforms leverage organizations’ existing authentication infrastructures, allowing them to extend users’ on-premises identities to the cloud and enabling them to implement consistent access control policies for both cloud and network applications.
Advantages of SafeNet Authentication Solutions’ Native Identity Federation
- Secure access to any cloud application, including Office 365, Salesforce, Amazon Workspaces, GoogleApps, etc.
- 20% lower help desk costs, achieved by eliminating lost or forgotten password tickets
- Lets users authenticate with their current enterprise identity
- Lets IT administrators manage a single username and password set, per user, for all cloud applications
- With native SAML-as-a-Service, there’s no need to buy a separate federation server
With SafeNet multi-factor authentication solutions, you can leverage a unified authentication infrastructure for both on-premise and cloud-based services—providing a centralized, comprehensive way to manage all access policies. Users can log into enterprise cloud services such as Office365, Salesforce.com or GoogleApps through your existing SafeNet authentication mechanisms.
SafeNet cloud access control solutions makes it easy for enterprises to maximize cloud authentication security by offering the following advantages:
- Comprehensive platform: All SafeNet solutions can be managed through SafeNet Authentication Manager, which serves as a central management server that enables identity federation, access controls, and strong authentication to both on-premise and SaaS applications.
- Deployment and form factor flexibility: Gemalto offers the broadest authentication portfolio, including PKI certificate-based authentication, out-of-band via push notification, email or SMS text messages, one time passcodes, contextual authentication, and more, ensuring that organizations can tailor their solutions to their unique security and business objectives.
- User friendliness: Automatic provisioning and federated login to cloud-based (SaaS) applications.
- Advanced reporting: Gemalto's SafeNet authentication platforms offer extensive reporting capabilities that streamline compliance with a host of security regulations and policies.
"The availability and built-in capacity of SafeNet Authentication Service cloud delivery model not only proved to be able to scale with our business, but is able to do so in a very efficient and cost-effective manner."
- Marc Chambault, Product Manager, Integralis
Cloud Data Encryption Solutions
Encrypt your data in any cloud environment
Cloud data encryption solutions combined with strong key management give organizations the ability to protect sensitive data outside of their control as it is used, transferred, stored, or otherwise shared in the cloud and multi-tenant environments.
With truly effective cloud data security, you can protect sensitive information – such as company financials, personally identifiable information, and intellectual property – regardless of where the data resides or the solution you’re using within the SaaS, PaaS or IaaS cloud stack.
Find cloud data encryption solutions that meet your needs
When your data is in the cloud, or moving between the different environments your organization supports, you need to move past silo-constrained encryption and deploy encryption centrally, uniformly, and at scale.
With Gemalto’s SafeNet Cloud Data Encryption solutions, organizations can apply data protection where they need it, when they need it, and how they need it—according to the unique needs of their business.
Secure your data in motion across the cloud
Secure your data in motion across the cloud
SafeNet High Speed Encryptors enable secure cloud connectivity. Proven high-assurance Layer 2 network security for your sensitive data, real-time video and voice, as it moves across virtual and physical networks, between data centers, to the last mile, and up to the cloud and back again.
Encrypt your virtual machine instances
Encrypt your virtual machine instances
SafeNet ProtectV provides security and compliance across virtual and cloud-enabled infrastructure to secure sensitive workloads in the cloud, store confidential data and comply with industry regulations in controlled industries.
Protect your files, folders and shares transparently in the cloud
Protect your files, folders and shares transparently in the cloud
SafeNet ProtectFile is a cloud agnostic solution that works across cloud providers (AWS, Microsoft Azure, IBM SoftLayer, VMware) to encrypt files, folders and shares. SafeNet ProtectFile secures: SQL and NoSQL databases, big data (Apache Hadoop) implementations, DAS, NAS and SAN storage and other solutions such as SharePoint, Gemstone, CHEF, Docker, and Office Tools.
Secure your applications in the cloud
Secure your applications in the cloud
SafeNet ProtectApp encrypts application data as it is created and keeps it secure across its entire lifecycle on-premises or in any cloud – no matter where it is transferred, backed up, or copied. Since the data is secured so early in its life, it stays encrypted throughout its route to the cloud and even remains secure as data.
Protect your databases in the cloud
Protect your databases in the cloud
SafeNet ProtectDB transparently encrypts data at the column-level in multi-vendor database management systems located on-premises or in the cloud. Policy-based controls restrict column access to roles, users, and time of day - among other variables – to preserve finely tailored data ownership even as it moves into cloud datacenters or is shifted from one cloud to another.
Application-level tokenization service
Application-level tokenization service
SafeNet Tokenization protects high value information in databases located in the cloud by replacing it with a surrogate value - a “token” - that preserves the length and format of the data.
Key lifecycle management across clouds
Key lifecycle management across clouds
SafeNet KeySecure provides scalable security for your route to cloud. Migrate data safely to the cloud, maintain full control and ownership of encryption keys and data, and avoid fragmented key stores with a single, centralized enterprise key management platform. SafeNet KeySecure is a key management server that centralizes the administration of cryptographic materials from across an organization’s encryption infrastructure. Together with SafeNet KeySecure, you can also deploy a SafeNet Hardware Security Module as your root of trust on premises or in the cloud.
Four Reasons You’ll Love Our Cloud Data Encryption:
- Strengthen security. Centrally manage and broadly deploy security policies to reduce the cost and effort of securing cloud services and managing the keys for disparate security solutions.
- Ensure compliance and provide detailed audit trails. Encryption ensures that your data is unreadable even if breached. With a unified, cohesive view of cryptographic activity across your enterprise’s cloud-based and on-premises operations, organizations can much more readily track and comply with all relevant security and privacy mandates, dramatically reducing audit durations and costs.
- Reduce security and IT costs. Leverage proven, repeatable, and documented processes. With centralized, efficient processes for managing policies and cryptographic keys, both upfront cost and ongoing administration efforts are minimized whatever cloud you are using.
- Increase IT and business agility. Adapt to changing requirements and challenges. Roll out quickly and effectively, taking advantage of the cloud’s agility to support your business objectives—without making any compromises in security.
Cloud Key Management Solutions
Controlling Crypto in the Cloud
Cryptography provides a means for protecting and controlling data wherever it exists. However, when cryptography is used, the risk is transferred from the content of the data, to the cryptographic keys used to protect that data.
Gemalto's SafeNet cloud key management solutions enable you to control your keys and thereby run more sensitive data and workloads in the cloud securely.
Now encryption and key management in the cloud provide the same high-grade protections as if it were fully on-premises, enabling organizations of all types to reach new levels of efficiency and security.
Our SafeNet Cloud Key Management Solutions:
SafeNet Network HSMs
SafeNet Network Hardware Security Modules (HSMs) provide high assurance protection for cryptographic keys used by applications across cloud-enabled as well as on-premises environments. With SafeNet Network HSMs, organizations can protect the entire key-lifecycle on a centralized platform, accelerate cryptographic operations, and leverage a single point of audit for cryptographic keys.
SafeNet Crypto Command Center
With SafeNet Crypto Command Center, you can easily provision and monitor SafeNet HSMs from one secure, central location. This allows you to deliver on-demand, elastic key vaulting and encryption services for data protection in minutes instead of days while maintaining full control of your encryption services and data, consistently enforcing policies, and clearly defining key ownership across your IT infrastructure.
Four reasons customers love SafeNet cloud cryptography solutions
- Data protection anywhere. Certified to protect keys, SafeNet data protection solutions prevent unwanted access to keys, and thereby also the data that is protected by those keys, no matter the environment, and even by third-party cloud infrastructure providers.
- Complete control. We enable you to own and control your encryption keys in any environment prove you have complete control of all of your keys, and therefore the data too. This helps achieve and/or maintain compliance with mandates such as PCI DSS.
- Cloud agnostic. Supporting many deployment scenarios, from on-premises data centers to private, hybrid, public, and multi-cloud environments, Gemalto provides a tremendous amount of flexibility as it enables customers to move keys in and out of cloud environments.
- Scalability. We make it easy for you and your organization and its developers to optimize infrastructure without the need to customize applications to support a multi-cloud deployment scenario.
Benefit from a proven cryptographic security solution and maintain complete ownership of your keys while realizing the cost, flexibility and performance advantages of the cloud.
"Gemalto's SafeNet hardware security modules address a current gap in the market for encryption and key management. Enterprises that are looking to move more resources to the cloud are realizing the need for encryption and key management, but often lack the resources to deploy and manage their own encryption key management infrastructure. With SafeNet HSMs, enterprises of all sizes can maintain control of their sensitive keys while taking advantage of the benefits the cloud provides."
- Garrett Bekker, Senior Security Analyst at 451 Research
SafeNet Solutions Also Play Well with Others
SafeNet crypto management solutions benefit from one of the broadest ecosystems available on the market and integrate with over 400 of the most commonly used enterprise applications for big data, code signing, TLS, web servers, application servers, databases, and many more.
VDI Security Solutions
Secure Access to Citrix & VMware Virtual Desktop Infrastructures
The growth in the use of virtualized environments—particularly Virtual Desktop Infrastructure (VDI) solutions, such as those provided by Citrix, VMware and AWS—alongside the deployment of multiple types of endpoints, such as thin clients and mobile devices, is challenging businesses to overcome the vulnerabilities of fixed passwords and implement a consistent authentication policy to secure access to all online corporate resources.
Simple, Strong Authentication for VDI Security
By effectively adding a layer of security in the form of strong two-factor authentication to protect critical corporate resources accessed via VDI solutions, Gemalto’s suite of SafeNet Authentication Solutions enable organizations to secure VDI access from any endpoint, while simplifying regulatory compliance, reducing IT administration overheads and mitigating the risk of data breaches arising from credential compromise.
Gemalto’s suite of SafeNet Authentication Solutions deliver secure access to virtualized desktop infrastructure:
- From any device, including thin clients, zero clients, and BYOD mobile devices
- To any VDI application, thanks to out-of-the-box integrations with Citrix, VMware, and AWS
- At any assurance level, via the broadest range of authentication methods and form factors
- With on-premises or as-a-service delivery of strong authentication
Supporting any enterprise solution, be it VPN, Cloud, Web, local network or VDI, SafeNet strong authentication management platforms enable the enforcement of consistent user access controls from a single point of management, offering ease of use and ease of management for a lower TCO.
Pricing Notes:
- Pricing and product availability subject to change without notice.