Gemalto Safenet Solution for Big Data Security
Click Here to jump to pricing!
Overview:
Big data security shouldn't mean big headaches
The era of big data is producing unprecedented amounts of data points giving us greater insights that drive exciting research, better business decisions, and in many ways, greater value for customers. To achieve these outcomes, organizations need to be able to handle it efficiently, quickly, and because often this data will include sensitive information – securely, all at scale.
Unfortunately, many organizations hesitate looking at security – and more specifically, encryption – when it comes to big data solutions because they are concerned about deploying at scale or impeding the analytics tools that make these solutions so valuable in the first place.
Big data encryption and key management enterprises trust
Gemalto's SafeNet portfolio of data protection solutions let customers secure their big data deployments – whether it’s a Hadoop infrastructure, or a non-relational (NoSQL) database such as MongoDB or Couchbase – without getting in the way of the analytics tools that make these solutions important.
Additionally, Gemalto unifies these – as well as an entire ecosystem of partner encryption solutions – behind a centralized encryption key management appliance.
Hadoop Encryption Solutions
The SafeNet data protection portfolio can secure data at multiple points in the Hadoop architecture – from Hive and Hbase to individual nodes in the data lake.
With Gemalto, customers have a choice.
- Incorporate transparent application-level security via APIs to protect data without changing their database structure
- Choose a column-level solution for Hive that permits normal querying
- Choose a file system-level solution with robust policy-based access controls
Each Hadoop big data encryption and tokenization solution is entirely transparent to the end-user and format preserving encryption functionality means that customers will continue to benefit from the analytics tools that draw extra value from growing data stores.
NoSQL Database Encryption Solutions
Non-relational or NoSQL databases are versatile database solutions that are well adapted for large quantities of varied data types. Because they comprise more than traditional database tables – using objects and indexes instead – they require a different approach to big data security.
Customers can now protect data in any NoSQL database including leading database vendors such as MongoDB, Cassandra, Couchbase, and HBase.
- Leverage file system-level encryption solution to secure the files, folders and shares that contain the files and objects indexed in the NoSQL schema.
- Coupled with policy-based access controls, customers retain a fine level of control despite the massive data volumes.
- Application-level big data encryption or tokenization solutions attach security directly to the data before it ever is saved into the NoSQL schema.
- Operations remain transparent to the end-user while the database retains its ability to conduct queries and deliver data without decreases in performance.
MongoDB Encryption Solutions:
Organizations are capturing more data than ever before as sensors from connected devices, mobile applications, and social media platforms produce significant amounts of data about our world. From this data, organizations can glean insights to produce greater value for customers ultimately driving operations and profits.
In response, organizations such as MongoDB have developed new technologies to organize and handle this data load when traditional solutions fall short. Yet, because these vast data volumes contain significant amounts of sensitive data, security solutions need to be able to keep pace with the rate of data growth.
MongoDB data security from Gemalto
Encryption is a fundamental security tool that can secure sensitive data in MongoDB databases. Encrypting data mitigates threats posed by hackers and privileged users while also addressing their compliance obligations.
By attaching security directly to the data itself, it stays safe wherever it travels – from on-premises to the cloud.
Protect your files, folders and shares transparently
SafeNet ProtectFile is an easy to deploy, versatile file-system level solution for MongoDB database encryption. As a client based solution that operates at the OS level, customers can define which file, folder or network share path should receive encryption. It doesn’t require changes to applications, infrastructure or operations letting users operate normally without any changes to their experience.
Built-in policy-based access controls restrict access to encrypted data to mitigate the risks posed by privileged users such as database or cloud administrators while giving authorized users access and query the data they need.
As more customers look to use MongoDB in the cloud, they can take advantage of SafeNet ProtectFile’s cloud agnostic architecture which lets it work in any cloud.
Centralized encryption key management
MongoDB offers native encryption for recent versions of its database. Though MongoDB's approach addresses basic security and compliance concerns, best practice dictates that encryption keys be moved off of the database and onto an enterprise key manager.
Using SafeNet KeySecure improves security by making it easier. SafeNet KeySecure consolidates all of MongoDB’s encryption keys in one location and adds access control functionality that gives organizations a very fine level of control.
Beyond managing MongoDB's encryption keys, SafeNet KeySecure consolidates keys from the entire SafeNet Data Protection portfolio as well as an entire ecosystem of third-party vendors.
NoSQL Security Solutions:
NoSQL databases play an integral role in organizing and analyzing the vast quantities of data that organizations are collecting in their efforts to create new, meaningful value. Their ability to handle structured and unstructured data — possible across commodity hardware — in a horizontally scalable infrastructure make them an efficient, cost-effective tool to handle the ever changing demands of the era of big data.
However, the disadvantage of having so much valuable data in one place is that it becomes a very attractive target for anyone looking to do harm (e.g. hackers, disgruntled administrators). It is not uncommon for NoSQL administrators to set up their database in a "trusted environment" where only trusted machines have access to database ports. Unfortunately, in the connected internet age, that often isn’t enough.
In the era of big data, organizations need to take big steps in implementing and managing security in order to protect themselves against everything from NoSQL injection attacks to privileged insider risk.
Protection for the most popular NoSQL environments
So how do you approach NoSQL security? Where do you start? As a leader in the encryption and key management field, Gemalto can help you tailor a comprehensive security suite for your organization capable of protecting data in one or several of today's leading NoSQL database providers.
Gemalto's SafeNet data protection solutions for NoSQL:
Protect your files, folders and shares transparently
SafeNet ProtectFile transparently protects both structured and unstructured data in NoSQL databases without requiring changes to applications or database structures.
Policy based access controls (with the option to store those policies locally) adds an additional layer of security to ensure that data is only available to authorized users and processes.
Encrypt your virtual machine instances
SafeNet ProtectV enables organizations to encrypt entire virtual machines that run NoSQL databases.
SafeNet ProtectV extends its protection to include associated storage volumes, instance snapshots, backups, and partitions that contain structured and unstructured data.
As big data solutions such as NoSQL databases migrate into virtualized and cloud environments, Gemalto effectively secures those environments so security teams can maintain ownership and control of their data and encryption keys at all times.
Secure your application-level data
SafeNet ProtectApp secures data at the application level as it is created and offers document level security for NoSQL database users.
As an API based solution, organizations can easily it incorporate into enterprise-grade applications using Gemalto’s sample code and interfaces.
SafeNet ProtectApp protects data immediately as it is created so that wherever it resides in the database, in whatever form, it will stay secured from unauthorized access.
Format-preserving tokenization for NoSQL databases
SafeNet Tokenization replaces sensitive structured data in NoSQL databases with a token, or random value of the same length and format, before it is stored in the database.
Gemalto's SafeNet Tokenization offers the flexibility to use standard or customized format preserving options without making any changes to your existing applications or databases.
Why You’ll Love Our NoSQL Security:
Gemalto's portfolio of SafeNet data protection solutions address the challenges organizations face in securing sensitive structured data in their NoSQL databases.
SafeNet Solutions Offer:
- Secure data anywhere in its flow from creation to storage with strong encryption and tokenization
- Scalable, flexible solutions to grow as your needs do
- Avoid adversely impacting business operations or compliance with industry regulations
- Centralized key and policy administration
In short, with SafeNet data protection solutions organizations don't have to sacrifice security to take advantage of big data.
SQL Security Solutions:
SQL databases – the traditional technology for managing structured data – are often the largest repository of sensitive data within an organization. Data of fixed length or format such as credit card or social security numbers live in columns beside e-mail addresses and other useful personal data all held in the same file.
The same convenience that organizations enjoy by storing all of this data in one place also make it an attractive target for anyone looking to exploit and benefit from this sensitive data.
The critical role of SQL encryption
Properly securing SQL databases requires many layers – from closing specific ports to enabling proper authentication to the database. Encryption plays an important role in this security.
It keeps sensitive data safe by assuring that the database administrator can manage the database environment without seeing data in clear text, thereby mitigating the risk that a disgruntled employee can abuse their privileged position.
Encryption also keeps data safe in the event of a security breach or a stolen or misplaced backup by ensuring the data remains unreadable and useless to the unauthorized holder of the database file. As encryption addresses these security challenges, it also addresses the regulatory requirements with which organizations must comply.
Protection for the most popular SQL environments
As a leader in the encryption and key management field, Gemalto can help you tailor a comprehensive security suite for your organization capable of protecting data in one or several of today's leading SQL database providers.
Gemalto's SafeNet data protection solutions for SQL:
Protect your databases at the column level
SafeNet ProtectDB delivers transparent column-level encryption (standard or format-preserving) for structured data in SQL databases.
Column-level encryption allows organizations to secure only the data that is sensitive or governed by regulation without affecting other important - but less sensitive - data.
SafeNet ProtectDB does not require any changes to your applications or to the architecture of your database table, but still delivers a very fine level of security backed by robust policy-based access controls.
Protect your files, folders and shares transparently
SafeNet ProtectFile transparently protects structured data SQL databases without requiring changes to applications or database structures by encrypting the entire file to secure the sensitive data residing within.
Policy based access controls (with the option to store those policies locally) adds an additional layer of security to ensure that data is only available to authorized users and processes.
Encrypt your virtual machine instances
SafeNet ProtectV enables organizations to encrypt entire virtual machines that run SQL databases. SafeNet ProtectV extends its protection to include associated storage volumes, instance snapshots, backups, and partitions that contain structured and unstructured data.
As SQL-based database solutions migrate into virtualized and cloud environments, Gemalto effectively secures those environments so security teams can maintain ownership and control of their data and encryption keys at all times.
Secure your application-level data
SafeNet ProtectApp secures data at the application level as it is created so that it is secure when it is saved to the SQL database.
As an API based solution, organizations can easily it incorporate into enterprise-grade applications; encryption at the application-level also means that there are no changes necessary to the destination database.
SafeNet ProtectApp protects data immediately as it is created so that wherever it resides in the database, in whatever form, it will stay secured from unauthorized access.
Format-preserving tokenization for SQL databases
SafeNet Tokenization replaces sensitive structured data in SQL databases with a token, or random value of the same length and format, before it is stored in the database.
Gemalto's SafeNet Tokenization offers the flexibility to use standard or customized format preserving options without making any changes to your existing applications or databases.
Why You’ll Love Our SQL Database Encryption:
Gemalto's portfolio of SafeNet data protection solutions address the challenges organizations face in securing sensitive structured data in their SQL databases.
SafeNet Solutions Offer:
- Secure data anywhere in its flow from creation to storage with strong encryption and tokenization
- Scalable, flexible solutions to grow as your needs do
- Avoid adversely impacting business operations or compliance with industry regulations
- Centralized key and policy administration
In short, SafeNet data protection solutions address SQL encryption, tokenization, and key management needs without impacting your ability to leverage the data or deliver on the bottom line.
Oracle Database Encryption Solutions:
Oracle’s long history of innovation in relational database technology means that organizations everywhere have at least one their databases in their operations. Chances are these Oracle implementations contain sensitive regulated data from credit card or social security numbers to patient health data which make them a prime target for hackers or disgruntled employees with privileged access.
Oracle data encryption solutions
Encryption can effectively secure this sensitive data and help Oracle database users mitigate threats posed by hackers and privileged users while also addressing their compliance obligations.
While Oracle offers it’s Transparent Data Encryption (TDE), it may not offer the same level of flexibility or control that organizations are looking for when the database is integrated into their larger operations. For those cases, the SafeNet data protection portfolio offers a range of options for Oracle database encryption.
Protect your databases at the column level
SafeNet ProtectDB delivers efficient, transparent column-level encryption for Oracle databases. Its client based approach does not require any changes to the database structure yet offers customers the benefits of only securing the columns of data that are sensitive or valuable.
While Oracle TDE stores its encryption key within the database, SafeNet ProtectDB follows the best practice of storing its encryption keys outside of the database table or the server it is running on in favor of keeping it in the enterprise key manager, Safenet KeySecure.
SafeNet ProtectDB is transparent to users and applications in order to keep data safe without impacting the user experience. In addition, its column-level encryption is a flexible and effective approach addresses a wide range of security objectives, including securing financial data, complying with PCI DSS, and safeguarding PII.
Protect your files, folders and shares transparently
SafeNet ProtectFile is an easy to deploy, versatile file-system level solution for Oracle database encryption that doesn’t require changes to applications, infrastructure or operations. With SafeNet ProtectFile organizations can secure their Oracle database files as well as IBM DB2, Microsoft SQL, MySQL, NoSQL, PostgreSQL, Sybase and SAP HANA databases with minimal performance impacts.
Built-in policy-based access controls restrict access to encrypted data to mitigate the risks posed by privileged users such as database or cloud administrators while giving authorized users access to the data they need.
Since encryption attaches security directly to the file itself, any backed-up or replicated copy of the database with remain encrypted to keep data safe wherever it goes.
Encrypt your virtual machine instances
SafeNet ProtectV enables organizations to encrypt entire virtual machines running Oracle databases, including associated storage volumes, instance snapshots and backups, and partitions containing sensitive data.
Its pre-boot authentication feature ensure that encrypted virtual machines cannot be copied or spun-up by unauthorized users attempting to move them to another environment.
SafeNet ProtectV effectively secures virtualized and cloud environments so security teams can maintain ownership and control of their machines running Oracle databases and their corresponding encryption keys at all times.
Secure your application-level data
SafeNet ProtectApp encrypts data at the application level to secure data by either column or field within Oracle databases. By integrating into the application through easy to use standards-based APIs, SafeNet ProtectApp secures data as it is generated to keep it safe throughout its entire lifecycle without requiring any architectural changes to the database.
Though encrypted at the application-level, data is still protected in the database from unauthorized users from hackers to disgruntled privileged administrators; it will remain secure throughout its entire lifecycle no matter where it is moved, backed-up, or replicated.
In addition to its use for Oracle database encryption, SafeNet ProtectApp secures data for a wide range of on-premises or cloud-based databases such as: IBM DB2, Microsoft SQL, MySQL, NoSQL, Apache Hbase, PostgreSQL, Sybase and SAP HANA.
Key lifecycle management for Oracle databases
Through Oracle TDE, customers can use encryption at either the database or cell level without making any changes to their applications. Though the Oracle approach addresses basic security and compliance concerns, best practice dictates that the encryption keys it uses be moved off of the database and onto a separate hardware security module (HSM) or an enterprise key manager. Additionally, since each Oracle database instance requires its own separate encryption key, administering Oracle database encryption can be unwieldy without the right tools.
Using SafeNet KeySecure to manage Oracle TDE keys improves security by making it easier. SafeNet KeySecure consolidates all of the TDE keys in one location and adds access control functionality that gives organizations a very fine level of control.
Beyond managing Oracle’s encryption keys, SafeNet KeySecure can consolidate keys from the entire SafeNet Data Protection portfolio as well as an entire ecosystem of third-party vendors. For more information visit the SafeNet KeySecure page.
Why You’ll Love Our Oracle Database Encryption:
Gemalto’s SafeNet data protection portfolio offers an array of options for Oracle database encryption.
Our portfolio approach allows us to provide security anywhere in the data flow – from creation to storage – regardless of the challenges and constraints you may be facing.
SafeNet Solutions Offer:
- Format Preserving Encryption (FPE)
- API-based encryption libraries
- Chef and Docker support
- Availability in any cloud
- Centralized key and policy administration
In short, SafeNet data protection solutions address Oracle security needs without impacting your ability to deliver on the bottom line.
Pricing Notes:
- Pricing and product availability subject to change without notice.