Home » The Art of Data Protection
On this episode of the TabbFORUM, SafeNet’s David Etue is joined by Adam Honoré, managing director of NASDAQ’s FinQloud, to discuss the challenges and solutions for securing financial data in the cloud. FinQloud began as an internal NASDAQ initiative, and has grown into an on-demand offering based on Amazon Web Services and SafeNet security.
Some of the controls Honoré and Etue recommend are authentication, encryption, key management, and real-time monitoring. In particular, encryption is a popular choice for financial service providers.
“Clouds love encryption,” says David Etue. “When you have a cloud provider like Amazon Web Services or infrastructure-as-a-service…illustrating control of your data can be very challenging from a security or audit perspective. When you wrap that data in encryption and you have strong encryption and good key management. All of a sudden you have the ability to abstract the visibility and control of that data away from the infrastructure itself.”
The frightening reality is that the way the entire world consumes and shares data has dramatically change over the past few years, and companies are still spending 80% of their IT budgets securing the perimeter instead of what it really matters, THE DATA.
This presents SafeNet’s channel partners with an excellent opportunity.
To help you shift your customers understanding of reality, where the end result is a Secure Breach environment, and perimeter breaches have no actual impact on the encrypted data itself, we have put together a set of sales tools for you to use in your sales efforts.
Download your Secure the Breach Channel Ready Sales Kit and change the conversation from Breach Avoidance to Breach Acceptance.
SecurityWeek published a great article today: Preparing for an Attack: 5 Tips for Organizations. Marc Solomon starts out by saying, “Even the most security diligent organizations are realizing that breaches are no longer a question of ‘if’ but a question of ‘when.’” Yep. That’s the concept of “Breach Acceptance” that CSO Tsion Gonen has been preaching for the past year (see his article in Network World). So, now that you’ve accepted that breaches are a “when” and not an “if,” Solomon gives these five tips to make your breach cleanup run a little more smoothly.
1. Adopt a threat-centric approach to security. You need solutions that address the extended network – protecting endpoints, mobile and virtual environments.
2. Automate security as much as possible. Manual processes are inadequate to defend against relentless attacks that often employ automated techniques to accelerate and broaden attacks. For example, SafeNet Authentication Service uses automated setup and maintenance policies, freeing staff to focus on critical tasks. The Crypto Hypervisor automatically tracks encryption keys in virtual environments so your data is never left unprotected.
3. Leverage retrospective security. Look for technologies that address this scenario by continuously monitoring files originally deemed “safe” or “unknown” and enabling you to apply retrospective security if these files are later determined to be malicious.
4. Hone your incident response processes. The Verizon 2013 Data Breach Investigations Report found that in 22 percent of the incidents investigated it took months to contain the breach. Orgs should have an Incident Response Team trained on what to do, an InfoSec Policy to ensure you’re protecting the right data, an Incident Response Runbook with step-by-step instructions, and quarterly systematic program reviews.
5. Educate users and IT security staff on the latest threats. Educating users and keeping staff trained on the current threat landscape can go a long way toward preventing these malicious attacks that often rely on relatively simple methods.
Alvand Solutions provides Enterprise Security, FinanceCenter, Application Development, and Project Management Services. To ensure their clients are equipped to combat the latest cybersecurity threats, Alvand Solutions recommends encryption solutions like SafeNet hardware security modules (HSMs).
“Data breaches are happening to globally recognized entities, and obviously it’s a key concern for the financial services industry,” says David Jones, VP of Alvand Solutions. “Encryption is fairly standard. People know how it works, but in terms of effectively implementing and securing it, that’s where SafeNet solutions come to the floor.”
Learn more about SafeNet’s solutions for the financial services industry at http://www2.safenet-inc.com/email/2013/dp/financial-services/index.html.
SafeNetMay 6, 2013, 05:05 am EDT
May 15 2013 11am ET/ 4pm UK – Register Now
“What customers want is choice in application deployment models whether it is a dedicated virtual cluster, mixed trust cluster, private cloud, public/dedicated cloud or public/shared cloud. But they want these options with the assurance that their data is always under their control.”
“We need to deliver, or our customers need to deliver, access to internal services, through a variety of devices- laptops which are not enrolled, tablets, smartphones, etc., and we require a flexible solution.”
“We used to put in hardware applications, but now customers want a platform they can run on VMware, or from the cloud. And in that scenario, they don’t want stovepipes. They want to be able to take the appliance and manage it everywhere.”
As well as Jason Hart and Leonor Martins of SafeNet. Register now for this expert panel, and better understand a way to manage risk, maintain compliance, accelerate and protect business from evolving security threats.
SafeNet May 23, 2013, 12:12 pm UTC
SafeNet May 22, 2013, 04:50 pm UTC
SafeNet May 9, 2013, 08:05 am UTC
SafeNet May 6, 2013, 05:05 am UTC
Charles Goldberg January 9, 2013, 10:58 am UTC
Adversary ROI Comes to Atlanta: Josh Corman and David Etue Present at the GFIRST National Conference
David Etue August 17, 2012, 02:15 pm UTC
Landis+Gyr and SafeNet Sign Agreement to Enhance Smart Grid Security for Utility Companies and Consumers
Jennifer Lewis October 20, 2010, 02:54 pm UTC
Andrew Young October 17, 2012, 01:21 pm UTC