Data Security Using TCG Self-Encrypting Drive Technology
|
|
- Madlyn Collins
- 8 years ago
- Views:
Transcription
1 Data Security Using TCG Self-Encrypting Drive Technology June 11, :00PM EDT Copyright 2013 Trusted Computing Group 1
2 Copyright 2013 Trusted Computing Group 2
3 Tom Coughlin, Founder, Coughlin Associates. Tom has worked for over 20 years in the digital storage industry as an engineer and engineering manager. He has over 70 published articles, books and reports and 6 granted patents. Coughlin Associates publishes reports on digital storage and applications as well as provides various types of consulting services. Tom is an active member in IDEMA, IEEE, SMPTE, SNIA and other technical organizations. Dr. Michael Willett, Storage Security Strategist, Samsung. Recently, Dr. Willett was a Senior Director at Seagate Research, focusing on security functionality on hard drives, including self-encryption, related standardization, product rollout, patent development, and partner liaison. Currently, Dr. Willett serves as a consultant on the marketing of storage-based security. Presently, Dr. Willett is working with Samsung as a storage security strategist, helping to define their self-encryption strategy across Samsung s portfolio of solid-state storage products. Hussein Syed, Director of IT Security, Barnabas Health. Hussein has over 18 years IT experience of which 10 years has been in IT Security. He has a thorough understanding of health care business enablement (both clinical and business-driven) focusing on secure practice and compliance. In his role he has to remain technical and understands its impact on risk, workflow, patient care/satisfaction and physician/clinician enablement. Hussein has also participated in Gartner and NJHIMMS roundtable sessions on HIPAA/HITECH and IT Security. Copyright 2013 Trusted Computing Group 3
4 Copyright 2013 Trusted Computing Group 4
5 Increasing world-wide financial and legal consequences for data loss and data breaches Safe Harbor laws in most of the US and the EU for loss of devices with secured and encrypted data Trusted Computing Group (TCG) standards for notebook/portable computers (OPAL) and Enterprise Storage Devices using FIPS compliant AES 128 and 256 bit encryption Lower overhead encryption and decryption for SEDs than software encryption SEDs allow fast Crypto-Erase that sanitizes drive data before drive replacement, repair, de-commissioning, re-purposing and end of life Copyright 2013 Trusted Computing Group 5
6 Most major storage device companies provide SEDs Seagate, Western Digital, HGST (part of WD) and Toshiba offer portable and/or enterprise TCG encrypted HDDs Micron and Samsung provide TCG OPAL compliant SSDs There are special advantages for TCG encrypted SSDs Crypto-erase may be the most effective way to sanitize an SSD The overhead penalty for software encryption vs. self-encryption is even more significant for SSDs than HDDs Copyright 2013 Trusted Computing Group 6
7 Million Units Shipped High Median Low By 2017, all hard disk drives will be SED capable, with encryption integration into the controller (as a reference point, over 25% were SED enabled in 2011) Copyright 2013 Trusted Computing Group 7
8 Million Units Shipped High Estimate Mean Estimate Low Estimate By 2013, 80% of SSDs will be SED capable and by 2016, penetration will near 100% Copyright 2013 Trusted Computing Group 8
9 Copyright 2013 Trusted Computing Group 9
10 All Drives eventually leave the data center IBM estimates 90% are still readable Why secure data? Increasing global regulations for data security PCI, HIPAA regulations require data privacy 46+ states have breach notification laws with encryption safe harbor Increasing consequences of non-compliance from privacy protection and breach notification laws Ponemon Institute estimates $194 for US company per compromised customer record in 2011; Average total per-incident cost of $5.5 Million. Privacy Rights Clearinghouse reports 607,234,229 records have been breached as of February 2013 Copyright 2013 Trusted Computing Group 10
11 The Problem Since 2005, over 345,124,400 records containing sensitive personal information have been involved in security breaches In 2008, the average cost of a data breach was $6.65 million per affected corporation ($202 per record) $6.65 Million Per Incident Reported Data Breaches Since February 2005 to Now # of reported breaches per month Feb-05 Apr-05 Jun-05 Aug-05 Oct-05 Dec-05 Feb-06 Apr-06 Jun-06 Aug-06 Source: Privacy Rights Clearinghouse Copyright 2013 Trusted Computing Group 11
12 Since 2005, over 345,124,400 records containing sensitive personal information have been involved in security breaches Legal The Problem In 2008, the average cost of a data breach was $6.65 million per affected corporation ($202 per record) $6.65 Million Per Incident # of reported breaches per month Feb-05 Reported Data Breaches Since February 2005 to Now Financial Apr-05 Jun-05 Aug-05 Oct-05 Reputation Source: Privacy Rights Clearinghouse Dec-05 Feb-06 Apr-06 Jun-06 Aug-06 Copyright 2013 Trusted Computing Group 12
13 Threat scenario: stored data leaves the owner s control lost, stolen, re-purposed, repaired, end-oflife, Compliance (Breach Notification) 46+ states have data privacy laws with encryption safe harbors New U.S. Federal and EU data breach legislation Data center and laptop drives are mobile (HDD, SSD) Exposure of data loss is expensive ($6.65 Million on average per incident 1 ) Obsolete, Failed, Stolen, Misplaced Nearly ALL drives leave the security of the data center The vast majority of decommissioned drives are still readable 1. Ponemon Institute, Fourth Annual US Cost of Data Breach Study Jan Copyright 2013 Trusted Computing Group 13
14 Security Subsystem Classes: Opal (laptop) Enterprise (data center) Optical Copyright 2013 Trusted Computing Group 14
15 Transparency: SEDs come from factory with encryption key already generated Ease of management: No encrypting key to manage Life-cycle costs: The cost of an SED is pro-rated into the initial drive cost; software has continuing life cycle costs Disposal or re-purposing cost: With an SED, erase on-board encryption key Re-encryption: With SED, there is no need to ever reencrypt the data Performance: No degradation in SED performance Standardization: Whole drive industry is building to the TCG/SED Specs No interference with upstream processes ISSUE: Hardware acquisition (part of normal replacement cycle) Copyright 2013 Trusted Computing Group 15
16 Pre-boot Authentication AK Authentication Key DEK Data Encryption Key Correct AK? Clear Data Drive does NOT respond to Read or Write Reqs Hash AK No = Yes Clear AK decrypts DEK Unlock HDD DEK encrypts and decrypts User Data Hashed AK Encrypted DEK Encrypted User Data Copyright 2013 Trusted Computing Group 16
17 Stored Data Protection Should equipment be lost, data is not exposed All user data is always encrypted Encryption function cannot be turned off Immediate Data Erasure (Crypto-Erase) When drives are to be retired, relinquished or repurposed Data can be destroyed instantaneously Even if drive is inoperable Recommended by NIST (see SP Guidelines for Media Sanitization) Not Addressed Protecting data in flight Prohibiting unauthorized user access after drive is unlocked Copyright 2013 Trusted Computing Group 17
18 Performance Each SED encrypts all data transferred to it transparently and fast. As SEDs are added, the encryption performance scales linearly. No re-encryption necessary when external credentials (AKs) need changing Security No back doors No access without authentication resistant to evil maid attack All user data encrypted, always Encryption cannot be turned off by user; not exposed outside drive Crypto-Erase of data Manageability No OS or Master Boot Record modification Standard protocol, multiple sources - All drive manufacturers support TCG standard No interference with storage management functions: RAID, backup/restore, compression, de-dup, DLP Lower cost disposal, no hazardous waste created Copyright 2013 Trusted Computing Group 18
19 A case study by Barnabas Health Copyright 2013 Trusted Computing Group 19
20 Organization New Jersey s largest integrated healthcare system 25 functional facilities total Provides treatment for >2M patients/year 18,200 employees, 4,600 doctors Environment 2380 laptops Adopted SED as standard for desktops this year, used by healthcare professionals and executives distributed across 25 functional facilities Protecting PII/PHI/diagnostic information HP shop using Wavemanaged Hitachi SEDs Copyright 2013 Trusted Computing Group 20
21 Barnabas Health New Jersey s largest integrated health delivery system Implemented SEDs in 2380 laptops used by doctors, nurses, administrators and executives across 25 facilities Will be encrypting 13,000 desktops used is the hospitals, via the asset lifecycle process in 4 years, 400 units expected to be done this year. Key Findings: 24 hours faster deployment on average per user over previous software-based encryption Negligible boot time versus up to 30 minutes to boot a PC with software encryption Copyright 2013 Trusted Computing Group 21
22 Identify the data protection risks/requirements Regulatory requirement for data protection Safe harbor exemption Intellectual property/ Proprietary information protection Build a business case Market place analysis Embed into the asset lifecycle program to manage expense
23 Implementation of SED drives Phase in the SED into asset lifecycle Configuration, setup, rollout Support Communication Encryption Drive password Management Ability to provide encryption proof if the asset is lost Governance Ability to provide report Manage device lifecycle Copyright 2013 Trusted Computing Group 23
24 Copyright 2013 Trusted Computing Group 24
25 Encryption everywhere! Data center/branch office to the USB drive Key Management Service Notebook Desktop USB USB Standards-based Multiple vendors; interoperability Unified key management Authentication key management handles all forms of storage Simplified key management Encryption keys never leave the drive. No need to track or manage. Transparent Transparent to OS, applications, application developers, databases, database administrators Automatic performance scaling Granular data classification not needed Standard Key Mgmt Protocol OASIS KMIP Tape Trusted Computing Group T10/T13 Security Protocol Data Center Application Servers Network Storage System, NAS, DAS Authentication Key Flow Branch Office Storage System Local Key Mgmt Data Flow Authentication Key (lock key or password) Data Encryption Key (encrypted) Copyright 2013 Trusted Computing Group 25
26 1. Purchase all new laptops and enterprise data storage with SED drives 2. Retrofit high-risk legacy machines with SED drives 3. Restrict access to stored sensitive data to machines with SED drives in early rollout 4. When adding more drives to array to the data center, use SEDs to avoid concerns for balancing encryption workloads 5. Phase in SEDs into the data center 6. Avoid or minimize the need for data classification 7. Be aware of and accommodate other data security contexts Copyright 2013 Trusted Computing Group 26
27 Post your question now. Copyright 2013 Trusted Computing Group 27
28 Data Security Architect s Guide: Self-Encrypting Drive Market and Technology Report, Tom Coughlin, Coughlin Associates: Encrypting_Drive_Market_and_Technology_Analysis%20Brochure,_ pdf Saint Barnabas Health Care System Case Study: Storage Specifications: Interested in Getting Involved with TCG Join Us: Copyright 2013 Trusted Computing Group 28
Solid-State Drives with Self-Encryption: Solidly Secure
Solid-State Drives with Self-Encryption: Solidly Secure 09/22/2011 Michael Willett Storage Security Strategist SAMSUNG SOLID STATE DRIVES Solid-State Drives SSD ADVANTAGES SOLID STATE DRIVES Save $$ on
More informationSolid State Drives (SSD) with Self Encryption: Solidly Secure Michael Willett Storage Security Strategist Independent Consultant
Solid State Drives (SSD) with Self Encryption: Solidly Secure Michael Willett Storage Security Strategist Independent Consultant Flash Memory Summit 2014 Santa Clara, CA 1 The Problem 2005-2013: over 864,108,052
More informationEncrypted SSDs: Self-Encryption Versus Software Solutions
Encrypted SSDs: Self-Encryption Versus Software Solutions Michael Willett Storage Security Strategist and VP Marketing Bright Plaza Flash Memory Summit 2015 Santa Clara, CA 1 The Problem 2005-2013: over
More informationEncrypted Storage: Self-Encryption versus Software Solutions. Dr. Michael Willett Storage Security Strategist
Encrypted Storage: Self-Encryption versus Software Solutions PRESENTATION TITLE GOES HERE Dr. Michael Willett Storage Security Strategist Independent Consultant ABSTRACT The Trusted Computing Group has
More informationImplementing Stored-Data Encryption (with a bias for self-encrypting drives) Presenter: Michael Willett SAMSUNG Author: Michael Willett, Samsung
(with a bias for self-encrypting drives) Presenter: Michael Willett SAMSUNG Author: Michael Willett, Samsung SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless
More informationSolid Security: The Rise of Self-Encrypting. Solid State Drives. Thomas Coughlin
Self-Encrypting PRESENTATION TITLE GOES HERE Solid State Drives Thomas Coughlin Marketing Chair, SNIA Solid State Storage Initiative President, Coughlin Associates About the Presenter Tom Coughlin, Marketing
More informationNew Drive Technologies Enable Strong Data Protection Strategies: Managing Self-Encrypting Drives in the Enterprise
New Drive Technologies Enable Strong Data Protection Strategies: Managing Self-Encrypting Drives in the Enterprise Contents Addressing Common Encryption Issues... 2 Always-On Encryption... 2 Timesavings...
More informationPerceptions about Self-Encrypting Drives: A Study of IT Practitioners
Perceptions about Self-Encrypting Drives: A Study of IT Practitioners Executive Summary Sponsored by Trusted Computing Group Independently conducted by Ponemon Institute LLC Publication Date: April 2011
More informationConsumerization of Trusted Computing. Dr. Michael Willett Samsung
Consumerization of Trusted Computing Dr. Michael Willett Samsung ABSTRACT: Consumerization of Trusted Computing State, Federal, and international legislation mandate the use of strong security measures
More informationFrequently Asked Questions: EMC Isilon Data at Rest Encryption Solution
1 Frequently Asked Questions: EMC Isilon Data at Rest Encryption Solution Table of Contents What s New? Target Customers Customer Benefits Competitive Positioning Technical Sales Questions General Sales
More informationMaking Data at Rest Encryption Easy
Making Data at Rest Encryption Easy MM/DD/YYYY Jason Cox Client Security Products Lead Seagate Technology What is SED? Self Encrypting Drive Basics The storage device LOCKS when it powers OFF. The storage
More informationSelf-Encrypting Hard Disk Drives in the Data Center
Technology Paper Self-Encrypting Hard Disk Introduction At least 35 U.S. states now have data privacy laws that state if you encrypt data-at-rest, you don t have to report breaches of that data. U.S. Congressional
More informationSamsung SED Security in Collaboration with Wave Systems
Samsung SED Security in Collaboration with Wave Systems Safeguarding sensitive data with enhanced performance, robust security, and manageability Samsung Super-speed Drive Secure sensitive data economically
More informationKeep Your Data Secure: Fighting Back With Flash
Keep Your Data Secure: Fighting Back With Flash CONTENTS: Executive Summary...1 Data Encryption: Ensuring Peace of Mind...2 Enhanced Encryption and Device Decommission in the Enterprise...3 Freeing Up
More informationA Comprehensive Plan to Simplify Endpoint Encryption
A Comprehensive Plan to Simplify Endpoint Encryption Managing SEDs, BitLocker, and FileVault Together from the Cloud Executive Summary Encryption is an essential component of any information security plan.
More informationSeagate Secure Technology
Seagate Secure Technology Marketing Bulletin Frequently Asked Questions What is the value of a self-encrypting drive (SED)? SEDs ensure user data can be quickly deleted (erased) using standard drive commands,
More informationHow Cloud Computing Can Accelerate Endpoint Encryption:
How Cloud Computing Can Accelerate Endpoint Encryption: Managing Self-Encrypting Drives in the Cloud Executive Summary Cloud computing is transforming IT for businesses of all sizes, but not without significant
More informationNavigating Endpoint Encryption Technologies
Navigating Endpoint Encryption Technologies Whitepaper November 2010 THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS
More informationSelf Encrypting Drive Market & Technology Report
Self Encrypting Drive Market & Technology Report Thomas M. Coughlin Coughlin Associates, Inc. August 2011 2011 Coughlin Associates, Inc. www.tomcoughlin.com 408-978-8184 The Self-Encrypted Drive Market
More informationTrusted Computing Basics: Self-Encrypting Drives
09/21/2011 Trusted Computing Basics: Self-Encrypting Drives Ryan C. Getek, Ph.D. CISSP-ISSEP Secure Storage Lead, Trusted Computing Division, NCSC Jason Cox Client Security Products Lead, Seagate Technology
More informationTechnical Note. Installing Micron SEDs in Windows 8 and 10. Introduction. TN-FD-28: Installing Micron SEDs in Windows 8 and 10.
Technical Note Installing Micron SEDs in Windows 8 and 10 TN-FD-28: Installing Micron SEDs in Windows 8 and 10 Introduction Introduction Self-encrypting drives (SEDs) can provide an effective way of protecting
More informationProtecting Your Business from Costly Data Theft: Why Hardware-Based Encryption Is the Answer
Protecting Your Business from Costly Data Theft: Why Hardware-Based Encryption Is the Answer The Data Breach Epidemic Continues.. 1 Data Encryption Choices for Businesses................... 2 The Hardware
More informationSeagate Instant Secure Erase Deployment Options
Technology Paper Seagate Instant Secure Erase Introduction When hard drives are retired and moved outside the data centre into the hands of others, the data on those drives is put at significant risk.
More informationSelf-Encrypting Drives for Servers, NAS and SAN Arrays
Technology Paper Self-Encrypting Drives for Overview This paper discusses the challenge of securing data on hard drives that will inevitably leave the owner s control. It introduces selfencrypting drives
More informationDell Compellent 6.5 SED Reference Architecture and Best Practices
Dell Compellent 6.5 SED Reference Architecture and Best Practices Dell Storage Technical Solutions May 2014 A Dell Reference Architecture Revisions Date May 2014 Description Initial release THIS WHITE
More informationFull Disk Encryption Drives & Management Software. The Ultimate Security Solution For Data At Rest
Full Disk Encryption Drives & Management Software The Ultimate Security Solution For Data At Rest Agenda Introduction Information Security Challenges Dell Simplifies Security Trusted Drive Technology Seagate
More informationImplementing Disk Encryption on System x Servers with IBM Security Key Lifecycle Manager Solution Guide
Implementing Disk Encryption on System x Servers with IBM Security Key Lifecycle Manager Solution Guide Securing sensitive client and company data is becoming an IT task of paramount importance. Often
More informationGain Complete Data Protection with SanDisk Self-Encrypting SSDs and Wave Systems
Gain Complete Data Protection with SanDisk Self-Encrypting SSDs and Wave Systems Built-in Security to Protect Sensitive Data without Sacrificing Performance What is an SED? A self-encrypting drive performs
More informationSelf Encrypting Drive Market & Technology Report
Self Encrypting Drive Market & Technology Report Thomas M. Coughlin Coughlin Associates, Inc. August 2011 2011 Coughlin Associates, Inc. www.tomcoughlin.com 408-978-8184 The Self-Encrypted Drive Market
More informationSolutions for Encrypting Data on Tape: Considerations and Best Practices
Solutions for Encrypting Data on Tape: Considerations and Best Practices NOTICE This white paper may contain proprietary information protected by copyright. Information in this white paper is subject to
More informationFactory-Installed, Standards-Based Hardware Security. Steven K. Sprague President & CEO, Wave Systems Corp.
Factory-Installed, Standards-Based Hardware Security Steven K. Sprague President & CEO, Wave Systems Corp. The challenge We are having a little problem with identity and data theft. It is time to reduce
More informationXTREMIO DATA AT REST ENCRYPTION
White Paper XTREMIO DATA AT REST ENCRYPTION Abstract Data at Rest Encryption is a mandatory requirement in various industries that host private or sensitive data. This white paper introduces and explains
More informationSymantec Endpoint Encryption Deployment Best Practices and Roadmap
Symantec Endpoint Encryption Deployment Best Practices and Roadmap Jon Allen Baylor University Chief Information Security Officer & Assistant Vice President Rene Kolga Symantec Principle Product Manager
More informationUsing Data Encryption to Achieve HIPAA Safe Harbor in the Cloud
Using Data Encryption to Achieve HIPAA Safe Harbor in the Cloud 1 Contents The Obligation to Protect Patient Data in the Cloud................................................... Complying with the HIPAA
More informationSecuring Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology
20140115 Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology TABLE OF CONTENTS What s at risk for your organization? 2 Is your business
More informationACER ProShield. Table of Contents
ACER ProShield Table of Contents Revision History... 3 Legal Notices... 4 Executive Summary... 5 Introduction... 5 Protection against unauthorized access... 6 Why ACER ProShield... 7 ACER ProShield...
More informationData-at-Rest Encryption Addresses SAN Security Requirements
Data-at-Rest Encryption Addresses SAN Security Requirements QLogic 2500 Series Fibre Channel Adapters Meet Enterprise Security Needs Key Findings SAN security via encryption is necessary for protecting
More informationAdvances in Storage Security Standards Jason Cox Intel Corporation
Advances in Storage Security Standards Jason Cox Intel Corporation Objectives Overview of Trusted Computing Group (TCG) Storage Work Group Review of TCG Document types and Goals Describe recent specifications
More informationSecureD Technical Overview
WHITEPAPER: SecureD Technical Overview WHITEPAPER: SecureD Technical Overview CONTENTS section page 1 The Challenge to Protect Data at Rest 3 2 Hardware Data Encryption Provides Maximum Security 3 3 SecureD
More informationEmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions
EmulexSecure 8Gb/s HBA Architecture Frequently Asked Questions Security and Encryption Overview... 2 1. What is encryption?... 2 2. What is the AES encryption standard?... 2 3. What is key management?...
More informationThe True Story of Data-At-Rest Encryption & the Cloud
The True Story of Data-At-Rest Encryption & the Cloud by Karen Scarfone Principal Consultant Scarfone Cybersecurity Sponsored by www.firehost.com (US) +1 844 682 2859 (UK) +44 800 500 3167 twitter.com/firehost
More informationTOP FIVE RECOMMENDATIONS FOR ENCRYPTING LAPTOP DATA A BEST PRACTICES GUIDE
TOP FIVE RECOMMENDATIONS FOR ENCRYPTING LAPTOP DATA A BEST PRACTICES GUIDE TODAY S HIGHLY MOBILE WORKFORCE IS PLACING NEW DEMANDS ON IT TEAMS WHEN PROTECTING LAPTOP DATA To guard this corporate data at
More informationABC of Storage Security. M. Granata NetApp System Engineer
ABC of Storage Security M. Granata NetApp System Engineer Encryption Challenges Meet Regulatory Requirements No Performance Impact Ease of Installation Government and industry regulations mandate protection
More informationSelf-Encrypting Drives
Jon Tanguy Senior SSD Technical Marketing Engineer Micron Technology, Inc. February 14, 2014 What is Encryption? In its simplest form, encryption is a mechanism used to obscure data from any unintended
More informationHealthcare Compliance Solutions
Privacy Compliance Healthcare Compliance Solutions Trust and privacy are essential for building meaningful human relationships. Let Protected Trust be your Safe Harbor The U.S. Department of Health and
More informationHIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant
1 HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant Introduction U.S. healthcare laws intended to protect patient information (Protected Health Information or PHI) and the myriad
More informationWhite paper Security Solutions Advanced Theft Protection (ATP) Notebooks
White paper Security Solutions Advanced Theft Protection (ATP) Notebooks Contents Introduction 2 Approaching the Challenge 4 Fujitsu s Offering Advanced Theft Protection (ATP) 5 Fujitsu is taken the lead
More informationPractical Storage Security With Key Management. Russ Fellows, Evaluator Group
Practical Storage Security With Key Management Russ Fellows, Evaluator Group SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA unless otherwise noted. Member companies
More informationSample Data Security Policies
This document provides three example data security policies that cover key areas of concern. They should not be considered an exhaustive list but rather each organization should identify any additional
More informationSTORAGE SECURITY TUTORIAL With a focus on Cloud Storage. Gordon Arnold, IBM
STORAGE SECURITY TUTORIAL With a focus on Cloud Storage Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members
More informationIntel RAID Controller Premium Feature Key Training
Intel RAID Controller Premium Feature Key Training AXXRPFKSNSH Snapshot Recovery AXXRPFKDE Self Encrypting Drive (SED) AXXRPFKSSD SSD Cache with Fastpath Note: Graphics for this training is based on RAID
More informationManaging BitLocker Encryption
Managing BitLocker Encryption WWW.CREDANT.COM Introduction Organizations are facing a data security crisis. Despite decades of investment in security, breaches of sensitive information continue to dominate
More informationBypassing Self- Encrypting Drives (SED) in Enterprise Environments. Daniel Boteanu Kevvie Fowler November 12 th, 2015
Bypassing Self- Encrypting Drives (SED) in Enterprise Environments Daniel Boteanu Kevvie Fowler November 12 th, 2015 Who are we? Daniel Boteanu Forensic Technology and ediscovery, KPMG Canada M.Eng., M.Sc.
More informationThe Virtualization Practice
The Virtualization Practice White Paper: Security and Data Protection with Intelligent Desktop Virtualization Bernd Harzog Analyst Virtualization Management January 2012 2012 The Virtualization Practice.
More informationAre your multi-function printers a security risk? Here are five key strategies for safeguarding your data
Are your multi-function printers a security risk? Here are five key strategies for safeguarding your data Printer Security Challenges Executive Summary Security breaches can damage both your operations
More informationAegis Padlock for business
Aegis Padlock for business Problem: Securing private information is critical for individuals and mandatory for business. Mobile users need to protect their personal information from identity theft. Businesses
More informationHardware versus Software
Sponsored by Seagate Hardware versus Software A Usability Comparison of Software-Based Encryption with Seagate DriveTrust Hardware-Based Encryption A SANS Whitepaper September 2007 Written by: J.D. Hietala
More information10 Top Tips for Data Protection in the New Workplace
10 Top Tips for Data Protection in the New Workplace Balancing Workplace Security with Workforce Productivity One of the key things that keeps CIOs awake at night, is worrying about the loss or leakage
More informationAddressing the Data Protection Requirements of the HITECH Act
Addressing the Data Protection Requirements of the HITECH Act Simplifying data protection for healthcare industry compliance with endpoint encryption Trend Micro, Incorporated A Trend Micro White Paper
More informationRSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS
RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS Security solutions for patient and provider access AT A GLANCE Healthcare organizations of all sizes are responding to the demands of patients, physicians,
More informationATA DRIVEN GLOBAL VISION CLOUD PLATFORM STRATEG N POWERFUL RELEVANT PERFORMANCE SOLUTION CLO IRTUAL BIG DATA SOLUTION ROI FLEXIBLE DATA DRIVEN V
ATA DRIVEN GLOBAL VISION CLOUD PLATFORM STRATEG N POWERFUL RELEVANT PERFORMANCE SOLUTION CLO IRTUAL BIG DATA SOLUTION ROI FLEXIBLE DATA DRIVEN V WHITE PAPER 4 Ways to Weave Security and Storage Into 1
More informationData Security using Encryption in SwiftStack
Data Security using Encryption in SwiftStack May 2015 Copyright 2015 SwiftStack, Inc. swiftstack.com Page 1 of 11 Table of Contents Introduction... 3 Defining Three Threat Models... 3 Encrypted Data and
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationBANKING SECURITY and COMPLIANCE
BANKING SECURITY and COMPLIANCE Cashing In On Banking Security and Compliance With awareness of data breaches at an all-time high, banking institutions are working hard to implement policies and solutions
More information256-bit AES HARDWARE ENCRYPTED SOLID STATE DRIVES
256-bit AES HARDWARE ENCRYPTED SOLID STATE DRIVES integralmemoryusa.com About Us Introducing Integral Memory plc are one of the largest digital memory producers in Europe with more than 20 years of sales
More informationAlliance AES Key Management
Alliance AES Key Management Solution Brief www.patownsend.com Patrick Townsend Security Solutions Criteria for selecting a key management solution for the System i Key Management is as important to your
More informationEncryption Key Management for Microsoft SQL Server 2008/2014
White Paper 0x8c1a3291 0x56de5791 0x450a0ad2 axd8c447ae 8820572 0x5f8a153d 0x19df c2fe97 0xd61b5228 0xf32 4856 0x3fe63453 0xa3bdff82 0x30e571cf 0x36e0045b 0xad22db6a 0x100daa87 0x48df 0x5ef8189b 0x255ba12
More informationData Security Basics: Helping You Protect You
Data Security Basics: Helping You Protect You Why the Focus on Data Security? Because ignoring it can get you: Fined Fired Criminally Prosecuted It can also impact your ability to get future funding, and
More information256-bit AES HARDWARE ENCRYPTED SOLID STATE DRIVES
256-bit AES HARDWARE ENCRYPTED SOLID STATE DRIVES integralmemoryusa.com Integral and the Crypto SSD range Introducing Integral Memory plc are one of the largest digital memory producers in Europe with
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationSecurity Solutions Advanced Theft Protection Notebooks
Issue July 2009 Security Solutions Advanced Theft Protection Notebooks Pages 9 Index Introduction 2 Advanced Theft Protection: The story behind 2 Approaching the challenge 3 The Layered Approach 3 Fujitsu
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Protecting your business value from
More informationHosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE
Hosting for Healthcare: ADDRESSING THE UNIQUE ISSUES OF HEALTH IT & ACHIEVING END-TO-END COMPLIANCE [ Hosting for Healthcare: Addressing the Unique Issues of Health IT & Achieving End-to-End Compliance
More informationS E A h a w k C r y p t o M i l l CryptoMill Technologies Ltd. www.cryptomill.com
SEAhawk CryptoMill CryptoMill Technologies Ltd. www.cryptomill.com OVERVIEW S EAhawk is an endpoint and removable storage security solution for desktop PCs and laptops running the Microsoft Windows operating
More informationHow to use the Alertsec Service to Achieve HIPAA Compliance for Your Organization
How to use the Alertsec Service to Achieve HIPAA Compliance for Your Organization Alertsec offers Cloud Managed - Policy Controlled - Security Modules for Ensuring Compliance at the Endpoints Contents
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationSchool of Nursing Research Seminar. Data Security in The Academic Health Center. Presented By Jon Harper AHC Information Systems
School of Nursing Research Seminar Data Security in The Academic Health Center Presented By Jon Harper AHC Information Systems 1 Overview of AHC-IS and Supported Services Provide desktop support to ~8500+
More informationTop 10 Reasons You Need Encryption
Top 10 Reasons You Need Encryption Executive Summary When you talk about encryption especially to someone who isn t a security specialist you often get a variety of interpretations. In general, encryption
More informationBitLocker Drive Encryption Hardware Enhanced Data Protection. Shon Eizenhoefer, Program Manager Microsoft Corporation
BitLocker Drive Encryption Hardware Enhanced Data Protection Shon Eizenhoefer, Program Manager Microsoft Corporation Agenda Security Background BitLocker Drive Encryption TPM Overview Building a BitLocker
More informationEMC VMAX3 DATA AT REST ENCRYPTION
EMC VMAX3 DATA AT REST ENCRYPTION ABSTRACT In the interconnected world, data and intellectual property is the highest value currency which can be held by corporations. From recent newsworthy examples,
More informationFDE Performance Comparison. Hardware Versus Software Full Drive Encryption
FDE Performance Comparison Hardware Versus Full Drive Encryption A look at performance and other differences between hardware based self-encrypting drives and software approaches to full disk encryption
More informationSmartHIPAA! 5 simple and inexpensive tips to protect patient information
SmartHIPAA! 5 simple and inexpensive tips to protect patient information 5 simple and inexpensive tips to protect patient information HIPAA security guidelines can be confusing and compliance expensive.
More informationAuditing Security: Lessons Learned From Healthcare Security Breaches
Auditing Security: Lessons Learned From Healthcare Security Breaches Adam H. Greene, J.D., M.P.H. Davis Wright Tremaine LLP Washington, D.C. Michael Mac McMillan CynergisTek, Inc. Austin, Texas DISCLAIMER:
More informationRecipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory
Recipe for Mobile Data Security: TPM, Bitlocker, Windows Vista and Active Directory Tom Olzak October 2007 If your business is like mine, laptops regularly disappear. Until recently, centrally managed
More informationSecuring Data Stored On Tape With Encryption: How To Choose the Right Encryption Key Management Solution
Securing Data Stored On Tape With Encryption: How To Choose the Right Encryption Key Management Solution NOTICE This Technology Brief may contain proprietary information protected by copyright. Information
More informationA Strategic Approach to Enterprise Key Management
Ingrian - Enterprise Key Management. A Strategic Approach to Enterprise Key Management Executive Summary: In response to security threats and regulatory mandates, enterprises have adopted a range of encryption
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Facilitate policy-based expertise and
More informationefolder White Paper: HIPAA Compliance
efolder White Paper: HIPAA Compliance October 2014 Copyright 2014, efolder, Inc. Abstract This paper outlines how companies can use certain efolder services to facilitate HIPAA and HITECH compliance within
More informationHIPAA Security Series
7 Security Standards: Implementation for the Small Provider What is the Security Series? The security series of papers provides guidance from the Centers for Medicare & Medicaid Services (CMS) on the rule
More informationDid security go out the door with your mobile workforce? Help protect your data and brand, and maintain compliance from the outside
Help protect your data and brand, and maintain compliance from the outside September 2006 Copyright 2006 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationEnova X-Wall LX Frequently Asked Questions
Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)
More informationAlliance Key Manager Solution Brief
Alliance Key Manager Solution Brief KEY MANAGEMENT Enterprise Encryption Key Management On the road to protecting sensitive data assets, data encryption remains one of the most difficult goals. A major
More informationEfficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules
Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules WHITE PAPER Thales e-security www.thalesesec.com/oracle TABLE OF CONTENT Introduction...3 Oracle Database 11g
More informationIRONKEY CASE STUDIES. Healthcare Solutions
IRONKEY CASE STUDIES Healthcare Solutions HEALTHCARE Business Problem Healthcare providers, insurers and pharmaceutical companies, have a lengthening list of regulations and standards on protecting confidential
More informationA Guide to Managing Microsoft BitLocker in the Enterprise
20140410 A Guide to Managing Microsoft BitLocker in the Enterprise TABLE OF CONTENTS Introduction 2 Why You Can t Ignore Effective FDE 3 BitLocker by Default 4 BitLocker s Total Cost of Ownership 5 SecureDoc
More informationSecuring Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption
THE DATA PROTECTIO TIO N COMPANY Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption whitepaper Executive Summary Long an important security measure, encryption has
More information256-bit AES HARDWARE ENCRYPTED PRODUCT RANGE
256-bit AES HARDWARE ENCRYPTED PRODUCT RANGE USB 3.0 USB 2.0 SSD integralmemory.com About Us Introducing Integral Memory plc are one of the largest digital memory producers in Europe with more than 20
More informationKaspersky Lab s Full Disk Encryption Technology
Kaspersky Lab s Full Disk Encryption Technology In the US alone, an estimated 12,000 laptops are lost or stolen each week. According to the Ponemon Institute, a laptop is stolen every 53 seconds; more
More information