Home » The Art of Data Protection

NASDAQ OMX & SafeNet discuss securing financial data in the cloud

SafeNetMay 23, 2013, 12:12 pm EDT

On this episode of the TabbFORUM, SafeNet’s David Etue is joined by Adam Honoré, managing director of NASDAQ’s FinQloud, to discuss the challenges and solutions for securing financial data in the cloud. FinQloud began as an internal NASDAQ initiative, and has grown into an on-demand offering based on Amazon Web Services and SafeNet security.

Some of the controls Honoré and Etue recommend are authentication, encryption, key management, and real-time monitoring. In particular, encryption is a popular choice for financial service providers.

“Clouds love encryption,” says David Etue. “When you have a cloud provider like Amazon Web Services or infrastructure-as-a-service…illustrating control of your data can be very challenging from a security or audit perspective. When you wrap that data in encryption and you have strong encryption and good key management. All of a sudden you have the ability to abstract the visibility and control of that data away from the infrastructure itself.”

Read More View all comments

New Partner Resource: Secure the Breach Channel-Ready Kit

SafeNetMay 22, 2013, 04:50 pm EDT

The frightening reality is that the way the entire world consumes and shares data has dramatically change over the past few years, and companies are still spending 80% of their IT budgets securing the perimeter instead of what it really matters, THE DATA.

This presents SafeNet’s channel partners with an excellent opportunity.

To help you shift your customers understanding of reality, where the end result is a Secure Breach environment, and perimeter breaches have no actual impact on the encrypted data itself, we have put together a set of sales tools for you to use in your sales efforts.

Download your Secure the Breach Channel Ready Sales Kit and change the conversation from Breach Avoidance to Breach Acceptance.

Read More View all comments

5 Tips to Prepare for the Attack

Cheryl ShoultsMay 16, 2013, 03:57 pm EDT

SecurityWeek published a great article today: Preparing for an Attack: 5 Tips for Organizations. Marc Solomon starts out by saying, “Even the most security diligent organizations are realizing that breaches are no longer a question of ‘if’ but a question of ‘when.’” Yep. That’s the concept of “Breach Acceptance” that CSO Tsion Gonen has been preaching for the past year (see his article in Network World). So, now that you’ve accepted that breaches are a “when” and not an “if,” Solomon gives these five tips to make your breach cleanup run a little more smoothly.

1. Adopt a threat-centric approach to security. You need solutions that address the extended network – protecting endpoints, mobile and virtual environments.

2. Automate security as much as possible. Manual processes are inadequate to defend against relentless attacks that often employ automated techniques to accelerate and broaden attacks. For example, SafeNet Authentication Service uses automated setup and maintenance policies, freeing staff to focus on critical tasks. The Crypto Hypervisor automatically tracks encryption keys in virtual environments so your data is never left unprotected.

3. Leverage retrospective security. Look for technologies that address this scenario by continuously monitoring files originally deemed “safe” or “unknown” and enabling you to apply retrospective security if these files are later determined to be malicious.

4. Hone your incident response processes. The Verizon 2013 Data Breach Investigations Report found that in 22 percent of the incidents investigated it took months to contain the breach. Orgs should have an Incident Response Team trained on what to do, an InfoSec Policy to ensure you’re protecting the right data, an Incident Response Runbook with step-by-step instructions, and quarterly systematic program reviews.

5. Educate users and IT security staff on the latest threats. Educating users and keeping staff trained on the current threat landscape can go a long way toward preventing these malicious attacks that often rely on relatively simple methods.

Read the full article at SecurityWeek.com. Learn more about SafeNet’s data protection solutions to help you create a secure breach.

Read More View all comments

Alvand Solutions on eBanking, Compliance and Security

SafeNetMay 9, 2013, 08:05 am EDT

Alvand Solutions provides Enterprise Security, FinanceCenter, Application Development, and Project Management Services. To ensure their clients are equipped to combat the latest cybersecurity threats, Alvand Solutions recommends encryption solutions like SafeNet hardware security modules (HSMs).

“Data breaches are happening to globally recognized entities, and obviously it’s a key concern for the financial services industry,” says David Jones, VP of Alvand Solutions. “Encryption is fairly standard. People know how it works, but in terms of effectively implementing and securing it, that’s where SafeNet solutions come to the floor.”

Learn more about SafeNet’s solutions for the financial services industry at http://www2.safenet-inc.com/email/2013/dp/financial-services/index.html.

Read More View all comments

Panel: Virtual World with Virtual Risks. Can it be Cloudy and Clearly Secure?

SafeNetMay 6, 2013, 05:05 am EDT

May 15 2013 11am ET/ 4pm UK – Register Now

As companies migrate to the virtual datacenter, executives must deal with security, audit, and visibility of their environment which has grown beyond their physical datacenter. Because of this, hesitancy remains and many questions are still being asked. What is a next-gen datacenter? What changes as businesses take steps toward a hybrid datacenter? When they move to a virtualized environment, how does their data remain secured and in their control? Will encrypting data in this environment achieve visibility and control of who is accessing it? Plus, despite more knowledge on virtual risks, cloud services are still being purchased without authentication, adopting cloud first and then thinking about security second. So how can organisations win the struggle with authentication in the cloud?Join your fellow professionals for this lively and insightful discussion providing a complete vision on virtual risks in a virtual world. Then understand a way to manage risk, maintain compliance, accelerate and protect business from evolving security threats

Panelists:

Gargi Mitra Keeling, VMware

“What customers want is choice in application deployment models whether it is a dedicated virtual cluster, mixed trust cluster, private cloud, public/dedicated cloud or public/shared cloud. But they want these options with the assurance that their data is always under their control.”

Jofre Palau, Vodafone

“We need to deliver, or our customers need to deliver, access to internal services, through a variety of devices- laptops which are not enrolled, tablets, smartphones, etc., and we require a flexible solution.”

Patrick McBride, Xceedium

“We used to put in hardware applications, but now customers want a platform they can run on VMware, or from the cloud. And in that scenario, they don’t want stovepipes. They want to be able to take the appliance and manage it everywhere.”

As well as Jason Hart and Leonor Martins of SafeNet. Register now for this expert panel, and better understand a way to manage risk, maintain compliance, accelerate and protect business from evolving security threats.

Read More View all comments