Thales e-Security helps enterprises and cloud providers meet data residency and data sovereignty regulations
Regulation
Active Now
With more than 100 national data privacy laws on the books as of the end of 2016 (including the landmark GDPR in Europe), any global enterprise, SaaS vendor or cloud solution provider needs to pay attention to how data residency requirements for data-at-rest can be met within their environment.
Though there is a wide variation between requirements, meeting this single rule ensures that your organization remains in compliance:
The solution to the problem is to encrypt all data-at-rest and only allow access to data-at-rest from the jurisdiction where it originates.
With Thales e-Security, solving the problem is simple. Using Thales e-Security data-at-rest encryption with access control to limit data access to only those within a specific jurisdiction will satisfy all but a few national requirements (Germany and Spain are specific exceptions).
At the file system and volume level, encrypt data sets from each jurisdiction with Vormetric Transparent Encryption. Set access controls (linked to your directory services infrastructure) so that the data-at-rest can only be decrypted by those within each country. Others will have no access to information, seeing only encrypted data blocks. For best practice, have each country keep their own encryption keys locally, so that even security management personnel from outside their jurisdiction cannot change encryption keys or access policies.
For access to information stored within databases and applications – link access to directory services infrastructure or other access management tools. You can also encrypt data on a column, field or database file level with Vormetric Application Encryption, and manage encryption keys using the Vormetric Data Security Management appliance interfaces to match jurisdictions. Enterprises can use Vormetric’s centralized, uniformly managed Data Security Manager to coordinate these operations.
Vormetric’s Data Security Platform from Thales e-Security also features the Vormetric Cloud Encryption Gateway, which extends the Platform to safeguard sensitive data in cloud storage environments, including Amazon S3, Box and Caringo. The cloud security gateway encrypts sensitive data before it is saved to the cloud. This enables security teams to establish the visibility and control they need around sensitive assets without having to add another point tool that increases system complexity.
Offer customers the option to encrypt data-at-rest, managing their own encryption keys from within their local jurisdiction, and locking out access by others. With Vormetric Transparent Encryption from Thales e-Security, data-at-rest encryption is done by giving each customer its own local, physical or virtual Vormetric Data Security Manager, combined with agents on each customer system linked to that management instance. Consider becoming a Vormetric Partner.
In this white paper, learn about the specific problems around data protection when using servers within Amazon Web Services (AWS) environments....
As security teams struggle to contend with more frequent, costly, and sophisticated attacks, data-at-rest encryption becomes an increasingly critical safeguard....
The Vormetric Data Security Platform makes it efficient to manage data-at-rest security across your entire organization. Built on an extensible infrastructure, Vormetric Data Security Platform products can be deployed individually, while sharing efficient, centralized key management....
Regulation
25 May 2018
Perhaps the most comprehensive data privacy standard to date, GDPR affects any organisation that processes the personal data of EU citizens - regardless of where the organisation is headquartered.
Learn More Mandate
Active Now
Any organisation that plays a role in processing credit and debit card payments must comply with the strict PCI DSS compliance requirements for the processing, storage and transmission of account data.
Learn More Regulation
Active now
Data breach notification requirements following loss of personal information have been enacted by nations around the globe. They vary by jurisdiction but almost universally include a “safe harbour” clause.
Learn More
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about.Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.
Thales e-Security is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales e-Security.Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly.Christian MuusDirector of Security for Teleperformance EMEA
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data.Audley Deansenior director of Information Security,
BMC Software
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs.David VargasInformation Security Architect
Cadence Design Systems
My concern with encryption was the overhead on user and application performance. With Thales e-Security, people have no idea it’s even running.Karl MudraCIO
Delta Dental of Missouri
The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place.Joseph Johnson,chief information security officer CHS
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We… Joe Majka,Chief Security Officer
