End-to-end data-centric security for the new data-driven economy
The challenge in Data Security
The volume of data, the sophistication of ubiquitous computing and the borderless flow of data are outpacing the ability to understand how personal data is being used. In this data-driven economy, 78 percent of consumers think it is hard to trust companies when it comes to the use of their personal data. Why? The number of cyber attacks against enterprises and governments globally, continues to grow in frequency and severity. The findings in the Ponemon Institute Cyber Crime Study suggest companies using encryption technologies are more efficient in detecting and containing cyber attacks. As a result, these companies enjoyed an average cost savings of $883,000 USD annually when compared to companies not deploying encryption technologies. These companies deploying encryption technologies also experienced a substantially higher ROI (at 21 percent) than other technology categories. HPE SecureData provides an end-to-end data-centric approach to enterprise data protection. It is the only comprehensive data protection platform that enables you to protect data over its entire lifecycle—from the point at which it’s captured, throughout its movement across your extended enterprise, all without exposing live information to high-risk, high-threat environments. That’s the essence of data-centric security. HPE SecureData includes next generation technologies, Hyper Format-Preserving Encryption (FPE), Hyper Secure Stateless Tokenization (SST), HPE Stateless Key Management, and data masking. HPE SecureData “de-identifies” data, rendering it useless to attackers, while maintaining its usability, usefulness, and referential integrity for data processes, applications, and services. HPE SecureData neutralizes data breaches by making your protected data absolutely worthless to an attacker, whether it is in production, analytic systems, or test/development systems, such as training and quality assurance.
A unique approach to end-to-end encryption
HPE SecureData is a unique, proven data-centric approach to protection—where the access policy travels with the data itself—by permitting data encryption and tokenization without changes to data format or integrity, and eliminating the cost and complexity of issuing and managing certificates and symmetric keys. As a result, leading companies in financial services, insurance, retail, health care, energy, transportation, telecom and other industries have achieved end-to-end data protection across the extended enterprise with success in as little as 60–90 days, because of the minimum, in most cases zero, impact to applications and database schemas.
Short time to success with Data Security
Most applications can operate using protected data without change. For those applications where sensitive data is first captured or live data is needed for controlled business purposes, HPE SecureData can easily be used with virtually any system, ranging from decades-old custom applications to the latest enterprise programs. Powerful, centrally managed, policy-controlled APIs, such as a REST API and command line tools, enable encryption and tokenization to occur on the widest variety of platforms, including HPE Vertica, HPE NonStop, Teradata, IBM mainframe, Linux® and other open systems. APIs enable broad deployment into portfolios including ETL, cloud, databases and applications, network appliances, and API brokers such as F5 load balancing, and Hadoop with native on-node cluster-wide data masking, encryption and decryption. SIEM/SIM systems can take event data from HPE SecureData for data governance reporting, activity monitoring, and audit. HPE SecureData protects information in compliance with PCI DSS, HIPAA, GLBA, state and national data privacy regulation as well as the European Commission’s General Data Protection Regulation (applicable in all EU member states). HPE SecureData is also compatible with the more stringent PCI DSS 3.2’s new requirements on transport encryption, enabling accelerated compliance ahead of deadlines as recommended by the PCI council. HPE SecureData enables organizations to quickly pass audit and additionally implement full end-to-end data protection to reduce risk impact of data breaches, all without the IT organization having to completely redefine the entire infrastructure and IT processes or policies. On average, HPE SecureData requires less than 0.1 full-time employee (FTE) per data center for ongoing management.