Data-Centric security and HP NonStop-centric ecosystems. Andrew Price, XYPRO Technology Corporation Mark Bower, Voltage Security
Slide 1: Data-Centric security and HP NonStop-centric ecosystems
A breakthrough strategy for neutralizing sensitive data against advanced threats and attacks
Andrew Price, XYPRO Technology Corporation
Mark Bower, Voltage Security

Slide 2: Agenda
- Common challenges in handling sensitive data
- The state of the nation: 2014 data breach impact
- Data is the new perimeter
- Infrastructure-centric Security vs. Data-centric Security
- Example: Complexity in security payment data flows
- Data-centric security: Technology and Standards
- Practical Applications and Use Cases
- Summary

Slide 3: Your Speakers today
- Mark Bower, VP Product Management & Solutions
- Andrew Price, VP Technology

Slide 4: Common Problems of Sensitive Data handling
- Our regulator or auditor will not sign off on privacy compliance for PCI, HITECH, FTC.
- Privacy and regulations prevent our business using the full potential of data
- Our CISO cannot say yes until sensitive data is neutralized from breach risk
- We move sensitive data to and from Enterprise systems and the warehouse to HP NonStop, so need to protect data end-to-end
- We cannot put this live data in the cloud or Hadoop due to breach risks and data residency issues

Slide 5: The State of the Nation: Data breach costs

Slide 6: The State of the Nation: Data breach costs
Compliance is important, but not the end-game in neutralizing breach risks.

Slide 7: Infrastructure Security vs. Data-centric Security
A new approach to neutralizing breach risks

Slide 8: Data goes everywhere: data is the new perimeter
- Data from Devices, Sensors, and Applications
- Transaction Processors
- Offshore Test and Dev
- Cloud Applications & Services; SaaS; PaaS
- Enterprise Data Systems
- Partner Data Systems
- Big Data Analytics in the Cloud
- Big Data Analytics in Hadoop
- Amazon AWS

Slide 9: Attack Trends vs. Protection Strategy Effectiveness
- Data-centric Security (Fields and Objects): Data stays protected in use, in motion, and at rest
- Traditional infrastructure level protection (Disk, File): Data at rest in disks or files when powered off or in backup
- Data-centric security protects data over its lifecycle vs. broad threats.
- Infrastructure-centric solutions only protect from physical threats (e.g. VLE)
Graph source: Verizon Data Breach Report

Slide 10: Infrastructure Security Creates Exploitable Gaps
Diagram labels: Data & Applications; Middleware/Network; Databases; Data is in the clear in this part of the stack; File Systems; OS; Reads & writes disk sectors; Storage; Disk sectors encrypted

Slide 11: IT Security vs. Data-centric Security
Labels: Data Security Coverage; End-to-end Data Protection
Columns: Threats to Data; Traditional IT Infrastructure Security; Data Ecosystem; Security Gaps; Voltage Data-centric Security
- Data & Applications: threats: Credential Compromise; traditional security: Authentication Management
- Security Gap
- Middleware/Network: threats: Traffic Interceptors; traditional security: SSL/TLS/Firewalls
- Security Gap
- Databases: threats: SQL Injection, Malware; traditional security: Database Encryption
- Security Gap
- File Systems: threats: Malware, Insiders; traditional security: SSL/TLS/Firewalls
- Security Gap
- Storage: threats: Malware, Insiders; traditional security: Disk encryption

Slide 12: A common problem: Securing card data in payments processing
A frequently attacked ecosystem by advanced malware

Slide 13: Card Data Flows in the Payments Ecosystem

Slide 14: Card Data Risks in the Merchant Ecosystem
- POS malware risk
- Insider risk
- Server malware risk
- Network sniffing
- Skimming risk

Slide 15: A Card Present Flow: A threat and risk view
- Parties: Merchant; Acquirer
- Flow stages: Payment Card Readers; Point of Sale (POS); Retail Store IT; Authorization Gateway; Issuing Bank & Merchant Banks
- Threat labels: Pre-card read skimming, Fake readers; POS and Server Malware, Memory Scrapers, Insiders; Outsourced Operations; Server Malware, Insiders; Server Malware, Insiders

Slide 16: Traditional Encryption and Payment Capture
- Unprotected Track 2*: ; 6 PAN 4 = Add'l Data (EXP, SVC) Disc. Data V? LC C V
- Card data, structure, special codes, PVV, CVV, parameters
- 6 bit encoding, limited space in 37 characters
- 3DES or AES-CBC traditional encryption applied to track data breaks the track format.
- Implementation requires costly key management and key injection.
- Traditional Encryption*: ; &69809*(&^15jIOwom^iqlge- 013oP{135)&k24 i3h87qnlboday&(t*@o2p 28{O3dyei$1U12???
- Traditional Encryption breaks structure, size, and encoding.
- Requires decryption everywhere PAN or part of it is needed.
- Makes it difficult to retrofit encryption to existing IT: the POS, Switch, Merchant IT etc.

Slide 17: Traditional Encryption and Payment Processing
- Flow: Card Networks; Payment Capture; Payment Authorization; Settlement Processes; Logs, Reports, & Backups; Customer Service Application
- Values shown: PAN: ; PAN: juYE%UkFa2345^WFLE 8juYE%UkFa2345^WFLE 8juYE%UkFa2345^WFLE; PAN:XXXX XXXX XXXX 0000
- Live Data Capture: Credit Card Primary Account Number (PAN)
- Traditional Encryption Requires Database Schema and Application Re-engineering
- Traditional Key Management adds complexity and cost
- Requires Decryption of whole encrypted PAN, even if we only need last 4 digits

Slide 18: Data-centric security Technology and Standards
Practical Encryption and Tokenization without friction

Slide 19: Voltage Format-Preserving Encryption (FPE)
- Comparison shown: FPE (AES FF1 mode) vs. regular AES-CBC mode
- Values shown: Credit Card; juYE%UkFa2345^WFLE; First Name: Gunther; Last Name: Robertson; DOB: ; SSN: ; First Name: Uywjlqo; Last Name: Muwruwwbp; SSN: ; DOB: ; Ija&3k24kQotugDF2390^32; 0OWioNu2(*872weW; aasiuahjw2%quifiwuybw3
- Standard, proven mode of AES (NIST SP800-38G Draft Standard)
- High performance, minimal impact.
- Encrypt at capture. Data stays protected, most apps can run on encrypted data.
- Fit into existing systems, protocols, schemas: any data
- Protect live data in applications & databases, business process or transactions
- Create de-identified data for test, cloud apps, outsourcers

Slide 20: Secure Stateless Tokenization
- Diagram labels: Credit Card; Tax ID; Secure Stateless Tokenization; Regular Tokenization
- Disassociates live data using a fully functional data surrogate: a token
- Retain the value of the data for business uses, e.g. first 6, last 4 digits of credit card
- Reduce PCI Scope more than any other approach
- Eliminates the costly token database sync problem
- Proven security, cryptanalyzed and published
- High performance, lower cost, simpler to deploy and manage

Slide 21: Traditional vs. Stateless Key Management
Traditional Key Management
- Keys need to be stored, and recovered
- Requires endpoint protection, staffing
- Manual controls
- Complex to scale and operate
Stateless Key Management
- Cornerstone of simplicity and scalability
- Keys are derived dynamically for all uses
- No key database to store, sync & back-up
- No data loss issues
- Enables high-performance data protection that scales

Slide 22: Magnetic stripe track data and data-centric security
- Unprotected Track 2*: ; 6 PAN 4 = Add'l Data (EXP, SVC) Disc. Data V? LC C V
- Card data, structure, special codes, PVV, CVV, parameters
- 6 bit encoding, limited space in 37 characters
- Data Security using NIST SP800-38G based Format-Preserving Encryption. Dynamic Keys with IEEE IBE technology
- Protected data works and flows unimpeded: neutralized, but compatible.
- FPE Encryption*: C ; 6 Secure 4 = Add'l Data (EXP, SVC) Secure V? LC V
- * Illustration simplified. Shows Track 2 only. Track 2 PAN also protected in implementation
- FPE protects sensitive fields, preserves Track encoding, leaves first 6, last 4.
- Data still functions in POS, but is neutral. Only host can decrypt.
- Makes it simple to retrofit encryption to existing IT: the POS, Switch, Merchant IT etc.

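How the field-level protection on this slide behaves, as an added example that is not part of the original deck and is not Voltage's code: a toy Feistel cipher over decimal digits (HMAC-SHA256 round function, not NIST FF1) encrypts the middle PAN digits and the discretionary data of a constructed Track 2 string, leaving sentinels, first 6, last 4, expiry and service code untouched. The key, the sample track (no LRC) and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import re

ROUNDS = 10      # even, so both halves end up back in their original positions
MIN_DIGITS = 6   # refuse domains smaller than 10**6: they are trivially enumerable

# ';' PAN '=' expiry(YYMM) service-code discretionary-data '?'
TRACK2_RE = re.compile(r"^;([0-9]{12,19})=([0-9]{4})([0-9]{3})([0-9]*)\?$")

# Constructed values: a well-known test PAN and a throwaway key.
DEMO_KEY = b"constructed-demo-key-not-for-use"
SAMPLE_TRACK2 = ";4111111111111111=25121010000012345?"


def prf(key, tweak, rnd, width, half, modulus):
    """Round function: HMAC-SHA256 over tweak, round, field width and one half."""
    msg = b"|".join([tweak, str(rnd).encode(), str(width).encode(), half.encode()])
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % modulus


def fpe_digits(key, tweak, digits, decrypt=False):
    """Encrypt or decrypt a decimal string to a decimal string of equal length."""
    if not re.fullmatch(r"[0-9]+", digits) or len(digits) < MIN_DIGITS:
        raise ValueError("field needs at least %d decimal digits" % MIN_DIGITS)
    n = len(digits)
    u = n // 2
    v = n - u
    a, b = digits[:u], digits[u:]
    order = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    for i in order:
        m = u if i % 2 == 0 else v          # width of the half being rewritten
        modulus = 10 ** m
        if decrypt:
            c = (int(b) - prf(key, tweak, i, n, a, modulus)) % modulus
            a, b = str(c).zfill(m), a       # undo one round
        else:
            c = (int(a) + prf(key, tweak, i, n, b, modulus)) % modulus
            a, b = b, str(c).zfill(m)       # modular add, then swap halves
    return a + b


def transform_track2(key, track, decrypt):
    match = TRACK2_RE.match(track)
    if not match:
        raise ValueError("not a Track 2 string")
    pan, exp, svc, disc = match.groups()
    first6, middle, last4 = pan[:6], pan[6:-4], pan[-4:]
    # The clear digits act as a tweak: equal middle digits under a different
    # first 6 / last 4 encrypt to different values.
    tweak = (first6 + last4).encode()
    middle = fpe_digits(key, tweak + b"/pan", middle, decrypt)
    if disc:
        # Fails closed: a too-short field raises instead of passing in the clear.
        disc = fpe_digits(key, tweak + b"/disc", disc, decrypt)
    return ";%s%s%s=%s%s%s?" % (first6, middle, last4, exp, svc, disc)


def protect_track2(key, track):
    return transform_track2(key, track, decrypt=False)


def unprotect_track2(key, track):
    return transform_track2(key, track, decrypt=True)


if __name__ == "__main__":
    protected = protect_track2(DEMO_KEY, SAMPLE_TRACK2)
    print("clear    :", SAMPLE_TRACK2)
    print("protected:", protected)
    print("restored :", unprotect_track2(DEMO_KEY, protected))
```

A 15-digit PAN leaves only five middle digits, so this sketch rejects it instead of encrypting over a 100,000-value domain.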
Slide 23: Data-centric Security and Payment Processing
- Flow: Card Networks; Payment Capture; Payment Authorization; Settlement Processes; Logs, Reports, & Backups; Customer Service Application
- Diagram labels: PAN: ; De-Tokenize; Decrypt & Tokenize
- Live Data Encrypted in Secure Reader end-to-end to Payment Authorization Host
- SST Tokenized PAN Data used throughout. No Live Data in internal processes or systems
- Last 4 Digits already available without change

Slide 24: Data-centric Security for any sensitive data
- Data secured during capture
- Selective Live data elements available to trusted users under policy control
- Data secure in storage
- Data stays secure in transit
- Data stays secure in low-trust processes: analytics, cloud, test, development etc.

Slide 25: Data-centric Security Standards & Validation
~30 Patents: Encryption, Key Management, Tokenization

Slide 26: Consequences of not using Standards or Proofs of Security
FTC 2014 Report on FTC Investigations: FTC attention has regularly focused on data encryption. In more than half (27) of the cases requiring privacy or data security programs, the FTC addressed the defendant's encryption protocols, which it noted should have been compatible with industry standards.
Impact: ValueClick fined $2.9m for deception, contract with eBay cancelled for proprietary encryption failures

Slide 27: Practical Data-centric security

Slide 28: Example - Production Applications
- Thales HSM; Voltage SecureData: Key Management, Encryption, Tokenization, Policy Control & Audit
- Calls shown: fpe.protect(ssn), fpe.access(ssn)
- Flow: Web Form; New Account Application; Mainframe Database; Logs, Reports, & Backups; Customer Service Application
- Values shown: SSN: ; SSN: ; SSN: ; SSN: ; SSN:XXX-XX-2773
- Live Data Capture; Format-Preserved Encrypted or SST Tokenized Data; Policy based redaction on de-tokenize or decrypt
(C) 2014 Voltage Security, Inc. All Rights Reserved

Slide 29: Example: Data-centric security for Hadoop
- Thales HSM; Voltage SecureData: Key Management, Encryption, Tokenization, Policy Control & Audit
- Diagram labels: Landing Zone; Data Warehouse; Data Sources; ETL; HDFS; Batch; Sqoop; Map Reduce; Flume; Sqoop; Map Reduce; Hive; BI Applications; + more; Storage Encryption; + more
- The goal is to protect (encrypt or tokenize) sensitive data before it gets stored in HDFS. Doing so as early as possible in the data flow path reduces the exposure of data and improves the compliance stance.

Slide 30: Example: Cloud Data Protection (e.g. Azure, AWS)
- Diagram labels: Enterprise Data Center; Credit Card Fraud Analysis Processing App; ETL Tools
- Semi Trusted User: Partial Access
- Trusted Users, e.g. Fraud Analysts: Full Access

Slide 31: Neutralizing a breach: attackers get nothing sensitive
- Live Data; De-identified & Protected Data in storage, in motion, in use.
- Trusted Applications: Permitted Access
- Untrusted Application: Partial or restricted access
- Business Applications, Data stores and Processes: Production, Test, and Analytics; Custom Applications; Production Databases, Test & Dev; Payment Data; ETL & Data Integration Suites; 3rd Party Applications; Teradata & Hadoop; HP NonStop Applications & Databases; Cloud Broker Gateways; Mainframe Applications & Databases; Web/Cloud Applications

Slide 32: Establishing a data-centric security strategy
Best practices in neutralizing breach risks

Slide 33: Five Critical Best Practices for Data-centric Security
To be effective, a data-centric security strategy must:
1. Be unified across mission critical platforms: HP NonStop, IBM z/OS, Teradata, Hadoop, cloud and enterprise systems, payment devices, applications, and data stores
2. Minimize the exposure of live data to only trusted systems or users
3. Utilize standards-based and proven data protection technology for compliance
4. Enable centralized control of key management, tokenization, encryption, audit, and reporting
5. Enable the business process without friction at global scale.

Slide 34: Voltage SecureData Use Case Examples
Success in neutralizing advanced threats

Slide 35: Success at a Global Acquirer: Risk reduction & compliance
Top Global Internet Payment Processor
- Competitive driver, compliance & risk reduction
- End to End Encryption for e-commerce data
- Tokenization for post payment capture internal, and to merchants
Critical Requirements
- Global solution: high scale, high volume
- Scale to >500,000 merchants & ~50% of internet e-commerce volume
- Mixed HP NonStop, Stratus and Unix Platforms
Solution & Benefits
- Data-centric security for all payments transactions: reduced threats
- PCI Scope Reduction for merchants and payment acquirer
- Reduced merchant and processor PCI costs - $millions in cost savings

Slide 36: Top US retailer: Data-centric security for payments, enterprise
- Risk concern from large industry breaches
- Thousands of stores, US-wide to de-risk
- Complex infrastructure and payment flows
Enterprise-wide data-centric security vision:
- Payments: from store card reader device to HP NonStop Switch, reduce risk and PCI scope
- Enterprise data security: Personal data protection for compliance and risk reduction
- Hadoop data security for enabling analytics: sensitive data de-identified for analytic use
Success with HP NonStop
- Live on 85,000 Terminals to mitigate advanced threats in the POS
- With a unified data-centric strategic security platform in place to meet broad risk reduction duties

Slide 37: Data-centric security ROI: ~87% Compliance Cost Saving
- Chart: Annual Cost ($US); series: PCI Compliance net cost, Data-centric security investment; values shown: $1.2m, $0.70m, $350k, $150k, $150k
- Investment $800K over 5 years
- Phased in data-centric approach
- Cost Saving over 5 years > $4.25m
- 3-4 month audit to <2 weeks
- ~0.1 FTE Per Datacenter
- Multiple Applications: Mission Critical and Open Systems, Travel, Banking, Insurance
- Multi-state Retail Locations

Slide 38: Summary

Slide 39: Secure Data can go everywhere without increased risk
- Data from Devices, Sensors, and Applications
- Transaction Processors
- Offshore Test and Dev
- Cloud Applications & Services; SaaS; PaaS
- Enterprise Data Systems
- Partner Data Systems
- Big Data Analytics in the Cloud
- Big Data Analytics in Hadoop
- Amazon AWS

Slide 40: Conclusion
- Data-centric security provides a new approach to protect and de-identify data to neutralize data breaches
- Infrastructure security is just not enough vs. today's threats
- Data-centric technology can enable HP NonStop with:
  - Provide powerful, stateless methods for data de-identification and protection from a single platform.
  - Provide consistent data protection within and between data environments and devices beyond HP NonStop
  - Offer scalable, high-performance solutions that have been broadly adopted across the industry and in standards
  - To reduce compliance costs, breach impact, and enable data processing without risk
Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS Char Sample Security Engineer, Carnegie Mellon University CERT Information Security Decisions TechTarget Disclaimer Standard Disclaimer - This talk
More information1/18/10. Walt Conway. PCI DSS in Context. Some History The Digital Dozen Key Players Cardholder Data Outsourcing Conclusions. PCI in Higher Education
PCI in Higher Education Walter Conway, QSA 403 Labs, LLC Walt Conway PCI consultant, blogger, trainer, speaker, author Former Visa VP Help schools become PCI compliant Represent Higher Education at PCI
More informationINSERT COMPANY LOGO HERE. 2015 North American Big Data Analytics Product Leadership Award
2015 INSERT COMPANY LOGO HERE 2015 North American Big Data Analytics Product Leadership Award Contents Background and Company Performance... 3 Industry Challenges... 3 Product Family Attributes and Business
More informationChukwa, Hadoop subproject, 37, 131 Cloud enabled big data, 4 Codd s 12 rules, 1 Column-oriented databases, 18, 52 Compression pattern, 83 84
Index A Amazon Web Services (AWS), 50, 58 Analytics engine, 21 22 Apache Kafka, 38, 131 Apache S4, 38, 131 Apache Sqoop, 37, 131 Appliance pattern, 104 105 Application architecture, big data analytics
More informationSecuring Sensitive Data
Securing Sensitive Data A Comprehensive Guide to Encryption Technology Approaches Vormetric, Inc. 888.267.3732 408.433.6000 sales@vormetric.com www.vormetric.com Page 1 Executive Summary Enterprises can
More informationSecurity It s an ecosystem thing
Security It s an ecosystem thing Joseph Alhadeff Vice President Global Public Policy, Chief Privacy Strategist The Security challenge in the before time. Today s Threat Environment
More informationDon t Forget Your Security Umbrella in the Cloud
Don t Forget Your Security Umbrella in the Cloud Richard Sheng Director of Product Marketing, APAC Why the cloud matters? Speed and Business Impact Expertise and Performance Massive Cost Reduction 1) The
More informationA Primer on Payment Security Technologies: Encryption and Tokenization
A Primer on Payment Security Technologies: Encryption and Tokenization Solutions like end-to-end encryption and tokenization can help merchants go beyond the current requirements of PCI, solving for many
More informationLas Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM
Las Vegas Datacenter Overview Product Overview and Data Sheet Product Data Sheet Maintaining a Software as a Service (SaaS) environment with market leading availability and security is something that Active
More informationEmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions
EmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions Security and Encryption Overview... 2 1. What is encryption?... 2 2. What is the AES encryption standard?... 2 3. What is key management?...
More informationPCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00
PCI PA - DSS Point XSA Implementation Guide Atos Worldline Banksys XENTA SA Version 1.00 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page number 2 (16)
More informationCloud Data Security. Sol Cates CSO @solcates scates@vormetric.com
Cloud Data Security Sol Cates CSO @solcates scates@vormetric.com Agenda The Cloud Securing your data, in someone else s house Explore IT s Dirty Little Secret Why is Data so Vulnerable? A bit about Vormetric
More informationMobile, Cloud, Advanced Threats: A Unified Approach to Security
Mobile, Cloud, Advanced Threats: A Unified Approach to Security David Druker, Ph.D. Senior Security Solution Architect IBM 1 Business Security for Business 2 Common Business Functions Manufacturing or
More informationNetwork Security & Privacy Landscape
Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies
More informationCompliance for the Road Ahead
THE DATA PROTECTION COMPANY CENTRAL CONTROL A NTROL RBAC UNIVERSAL DATA PROTECTION POLICY ENTERPRISE KEY DIAGRAM MANAGEMENT SECURE KEY STORAGE ENCRYPTION SERVICES LOGGING AUDITING Compliance for the Road
More informationExecutive s Guide to Cloud Access Security Brokers
Executive s Guide to Cloud Access Security Brokers Contents Executive s Guide to Cloud Access Security Brokers Contributor: Amy Newman 2 2 Why You Need a Cloud Access Security Broker 5 You Can t Achieve
More informationAre You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014
Are You Ready For PCI v 3.0 Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice 847.413.6319
More informationData movement for globally deployed Big Data Hadoop architectures
Data movement for globally deployed Big Data Hadoop architectures Scott Rudenstein VP Technical Services November 2015 WANdisco Background WANdisco: Wide Area Network Distributed Computing " Enterprise
More informationJosiah Wilkinson Internal Security Assessor. Nationwide
Josiah Wilkinson Internal Security Assessor Nationwide Payment Card Industry Overview PCI Governance/Enforcement Agenda PCI Data Security Standard Penalties for Non-Compliance Keys to Compliance Challenges
More informationPart V Applications. What is cloud computing? SaaS has been around for awhile. Cloud Computing: General concepts
Part V Applications Cloud Computing: General concepts Copyright K.Goseva 2010 CS 736 Software Performance Engineering Slide 1 What is cloud computing? SaaS: Software as a Service Cloud: Datacenters hardware
More informationStrong data protection. Strategic business value. www.thales-esecurity.com
Someone is stalking your sensitive data. Coveting your intellectual property. Waiting for the slightest crack in the window of opportunity to hack it, misuse it, and run. How can you best protect and control
More informationSecuring The Cloud. Foundational Best Practices For Securing Cloud Computing. Scott Clark. Insert presenter logo here on slide master
Securing The Cloud Foundational Best Practices For Securing Cloud Computing Scott Clark Agenda Introduction to Cloud Computing What is Different in the Cloud? CSA Guidance Additional Resources 2 What is
More informationRealizing the Benefits of Hybrid Cloud. Anand MS Cloud Solutions Architect Microsoft Asia Pacific
Realizing the Benefits of Hybrid Cloud Anand MS Cloud Solutions Architect Microsoft Asia Pacific Agenda Key drivers for Hybrid Cloud Unified Cloud Strategy Example Use Cases How to get there Hybrid Cloud:
More informationFive Keys to Big Data Audit and Protection WHITEPAPER
1 Introduction Driven by the promise of uncovering valuable insights that enable better, fine-tuned decision making, many businesses are planning if not already making substantial investments in big data
More informationIs the PCI Data Security Standard Enough?
Is the PCI Data Security Standard Enough? By: Christina M. Freeman ICTN 6870 Advanced Network Security Abstract: This paper will present the researched facts on Payment Card Industry Data Security Standard
More informationSecurity & Cloud Services IAN KAYNE
Security & Cloud Services IAN KAYNE CloudComponents CLOUD SERVICES Dynamically scalable infrastructure, services and software based on broad network accessibility NETWORK ACCESS INTERNAL ESTATE CloudComponents
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationAGENDA. What is BIG DATA? What is Hadoop? Why Microsoft? The Microsoft BIG DATA story. Our BIG DATA Roadmap. Hadoop PDW
AGENDA What is BIG DATA? What is Hadoop? Why Microsoft? The Microsoft BIG DATA story Hadoop PDW Our BIG DATA Roadmap BIG DATA? Volume 59% growth in annual WW information 1.2M Zetabytes (10 21 bytes) this
More informationBig Data, Big Risk, Big Rewards. Hussein Syed
Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data
More informationBalancing Security Investment Against Today's Threat Environment
Balancing Security Investment Against Today's Threat Environment Niel Pandya Data Security, Senior Manager, Oracle ASEAN The following is intended to outline our general product direction.
More informationData Protection and Mobile Payments. Jose Diaz - Business Development & Technical Alliances Ted Heiman Key Account Manager Thales e-security
Data Protection and Mobile Payments Jose Diaz - Business Development & Technical Alliances Ted Heiman Key Account Manager Thales e-security 2 Today s reality It s a data-centric world. And the data is
More informationWhat You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS
What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS Table of Contents Cloud Adoption Drivers Key Capabilities and Technologies Usability and User Experience Security Technology Architecture
More information