Virtualization Technology News and Information
HyTrust Introduces Seamless Data Discovery, Classification and Encryption for Virtual Environments

HyTrust announced integration between HyTrust DataControl and HyTrust CloudAdvisor for seamless data discovery, classification and encryption in virtual environments. The result gives organizations an automated, end-to-end system to find and understand data; designate it according to policies, laws and requirements; encrypt it based on automated policy; and prevent unauthorized access or transmission. In effect, the integration marries the data discovery and classification of HyTrust CloudAdvisor with the encryption, key management and policy enforcement of HyTrust DataControl, providing organizations a full data lifecycle security solution.

The handling of sensitive data, including patient data in healthcare, financial information and personally identifiable information (PII), must adhere to various industry-specific compliance specs and comply with an organization's own policies and requirements. The now enforceable General Data Protection Regulation (GDPR) brings penalties of up to 4 percent of an organization's worldwide revenue or €20 million, whichever is greater, for violations of its data privacy and usage requirements for data involving EU citizens. Nearly 58 percent of organizations indicated that GDPR has required them to make changes to their data encryption policies and practices, according to a study conducted for HyTrust at the RSA Conference 2018. Over 59 percent named access control, loss of data control and a compliance gap as their top security concerns of public cloud environments.

"With skyrocketing penalties and data handling ramifications along with a labyrinth of complexities, data governance failures can now cost organizations their entire business," said HyTrust Founder and President Eric Chiu. "It is now essential to know what data you possess, what requirements are associated with it, how and where it is stored, who can access it and what can be done with it. The powerful, new integration between HyTrust DataControl and HyTrust CloudAdvisor puts organizations back in control of their data to precisely see, understand and control its use."

Analyst firms predict that in the next 3 to 5 years, enterprises will generate more data than they ever have before. The first step in protecting sensitive or regulated data is to discover it. Then the data can be tagged for its treatment and compliance requirements and encrypted if necessary. With new integration and features, HyTrust CloudAdvisor and HyTrust DataControl products automate the entire process of data discovery and protection in a single, seamless operation.

Find the Data: Data Discovery and Classification

HyTrust CloudAdvisor provides real-time intelligence and actionable insights to secure and protect an organization's entire virtualized data infrastructure. Advanced monitoring, analytics and alerting provide a 360-degree view of all data. Administrators can define data policies in HyTrust CloudAdvisor that are then used to automatically discover valuable or privileged data, detect anomalous user access behaviors and defend data against unauthorized exposure, data loss, malicious attacks, ransomware and regulatory non-compliance, such as where the data can be stored and accessed and how it can be treated.

With HyTrust CloudAdvisor, organizations can easily assess risks by knowing where sensitive data is stored, whether it has been exposed and how broadly it has been accessed. Through the new integration with HyTrust DataControl, data can automatically be encrypted with content-based policy based on pre-defined triggers. Pre-defined tags include personal identifiable information such as date of birth, social security numbers, credit cards and more. Custom tags can also be created that are for identifying sensitive data that must be encrypted or restricted. The integrated system can also also issue alerts, notifications and reports.

In contrast to solutions that require additional servers, databases and costly professional services, HyTrust CloudAdvisor deploys as a single virtual appliance that is easy to configure and manage. By gathering data intelligence as it happens and correlating people, content and time, organizations now have a comprehensive solution that automatically defines, detects and defends sensitive data and its usage.

Protect the Data: Encryption and Key Management

Many regulations, including the NIST Standard 800-53, Presidential Executive Order, and the GDPR, include strict requirements to encrypt data at rest. Encryption is the simplest security strategy to protect sensitive or confidential data such as PII and enterprise secrets. Encrypting sensitive data protects organizations from external threats and, with granular access controls, also minimizes the threat or unintentional misuse from privileged users.

HyTrust DataControl is a multi-cloud-ready virtual appliance offering powerful data-at-rest encryption at the VM level and complete workload lifecycle management - from boot to sanctioned decommissioning. HyTrust DataControl includes its own integrated key management server (KMS), HyTrust KeyControl, which is FIPS 140-2 compliant. It eliminates the challenges of maintaining and managing a separate KMS and getting it to work with another system. The solution provides zero downtime encryption and rekey, access controls for separation of duties among administrators and deduplication-friendly encryption for maximum storage benefit. Zero downtime encryption means the VM does not need to power down, and one can access the sensitive data while encryption is in flight, including read/write operations.

With the integration between HyTrust DataControl and HyTrust CloudAdvisor, VMs can be automatically scanned to detect data requiring special treatment and then automatically encrypted. Scanning uses content-based policy based on defined triggers, either custom or through pre-defined recommendations out-of-the box. Also, already encrypted files can be decrypted and scanned for sensitive data. HyTrust DataControl can then apply proper tags, policies and tracking before re-encrypting the VM.

Extending Cloud Security and Data Protection with HyTrust Cloud SPF

HyTrust CloudAdvisor and HyTrust DataControl are part of the HyTrust Cloud Security Policy Framework (CloudSPF), which includes HyTrust CloudControl, HyTrust KeyControl and HyTrust BoundaryControl. The framework enables multi-cloud public, private and hybrid deployments with advanced security and audit controls, strong encryption, key management and workload geo-fencing solutions.

Integration between HyTrust CloudAdvisor 2.2 and HyTrust DataControl 4.2 is available now.

Published Tuesday, July 03, 2018 7:29 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<July 2018>