Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Thales e-Security corporate presentation

2,556 views

Published on

Thales e-Security + Vormetric have combined to form the leading global data protection and digital trust management company.  Together, we enable companies to compete confidently and quickly by securing data at-rest, in-motion, and in-use to effectively deliver secure and compliant solutions with the highest levels of management, speed and trust across physical, virtual, and cloud environments. By deploying our leading solutions and services, targeted attacks are thwarted and sensitive data risk exposure is reduced with the least business disruption and at the lowest life cycle cost. Thales e-Security and Vormetric are part of Thales Group. www.thales-esecurity.com.

 

Published in: Technology
  • Login to see the comments

Thales e-Security corporate presentation

  1. 1. www.thales-esecurity.com OPEN Thales e-Security + Vormetric Together, Data Protection with Management, Speed and Trust.
  2. 2. 2 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Increased connectivity drives need for trusted relationships
  3. 3. 3 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN … and relationships depend on trusting that data is secure Over 169 million personal records were exposed in 2015, stemming from 781 publicized breaches across the financial, business, education, government and healthcare sectors. The average global cost per each lost or stolen record containing confidential and sensitive data was $154. The industry with the highest cost per stolen record was healthcare, at $363 per record. In 2015, there were 38 percent more security incidents detected than in 2014. 74 percent of CISOs are concerned about employees stealing sensitive company information.
  4. 4. 4 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Encryption solves Source: 2016 Vormetric Data Threat Report Best Practice 53% Reputation 41% Compliance 52% Data Residency 38% Legal/ Financial 31% IP/Competitive 19%
  5. 5. 5 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN … and is now perceived as a strategic business enabler Source: 2016 Global Encryption Trends Study 15% 38%37% 15% FY2005 FY2015 Does YOUR company have an encryption strategy? Company has an enterprise encryption strategy Company does not have an enterprise encryption strategy
  6. 6. 6 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Each use case requires individual infrastructure, management consoles and training Complex • Inefficient • Expensive Customer Records DB/ File Encryption Secure Analytics Big Data PII Application Encryption PCI, PHI Tokenization Data Masking Internet of Things Public Key Infra (PKI) Use Cases Cloud Migration Cloud Security Payment related apps Transaction Security Script Development Code Signing This increased adoption has created encryption silos
  7. 7. 7 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Slide No: 7 THE COMBINATION OF THALES E-SECURITY AND VORMETRIC WILL CREATE A POWERHOUSE IN DATA SECURITY, WITH A BROAD RANGE OF ENCRYPTION, KEY MANAGEMENT AND TOKENIZATION CAPABILITIES THAT FEW VENDORS WILL BE ABLE TO MATCH. GARRET BEKKER – SENIOR ANALYST
  8. 8. 8 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Together, data protection with management, speed and trust Vormetric + Thales e-Security provides the platform of trust with the world’s best Key Management and Data Encryption solutions Data Protection PlatformData Protection Platform Key Management Encryption Key Management Encryption
  9. 9. 9 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN The value we deliver together ▌ We protect data in more environments On premise, in the cloud, database, file, applications, container, at rest and in motion ▌ In more ways Encryption, Tokenization, Masking, Identity, Signing ▌ Providing the most comprehensive, automated key management Through out the data life cycle ▌ With the highest levels of Assurance FIPS Levels 1,2 &3, Common Criteria, PCI HSM, DPA (Side Channel Attack Mitigation) ▌ Using common platforms The least disruptive, easiest to deploy, and manage at the lowest life cycle cost +
  10. 10. www.thales-esecurity.com OPEN Our Solutions
  11. 11. 11 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Comprehensive data protection product portfolio DATA PROTECTION SOFTWARE DATA PROTECTION HARDWARE
  12. 12. 12 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Data Protection Platform Key Management Encryption Together, removing complexity, inefficiency and cost DATA PROTECTION HARDWARE DATA PROTECTION SOFTWARE Customer Records DB/ File Encryption Secure Analytics Big Data PII Application Encryption PCI, PHI Tokenization Data Masking Internet of Things Public Key Infra (PKI) Use Cases Cloud Migration Cloud Security Payment related apps Transaction Security Script Development Code Signing
  13. 13. 13 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Thales e-Security + Vormetric Prepared to Protect ▌ Our Company 750+ employees across 50+ countries More than 10,000 customers across 100 countries Global Services and Support Leader in certified security solutions - FIPS, Common Criteria, PCI HSM 20 leading cloud service providers offer our solution ▌ Our Customer 19 of the 20 largest banks 15 of the fortune 30 companies 3,000 financial institutions worldwide 4 of 5 top energy companies 4 out of the 5 aerospace companies
  14. 14. 14 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN More Environments More Ways Most Comprehensive More Securely Lowest Cost More Ways Most Comprehensive More Securely Lowest Cost More Environments
  15. 15. www.thales-esecurity.com OPEN THALES GROUP INTERNAL THALES GROUP CONFIDENTIAL THALES GROUP SECRET Thank You
  16. 16. www.thales-esecurity.com OPEN For Legacy TeS Customers and Channels For Identification of Vormetric Opportunity
  17. 17. 17 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Questions leading to the value of the platform ▌ Are you finding it costly and difficult to manage a large number of point encryption solutions? ▌ Are you being asked to define a data-at-rest encryption strategy? ▌ Do you want to reduce operational cost to your business by offering encryption-as-a-service? Have you considered a key management strategy and the associated TCO? Are you considering current and future requirements? Such as environments and new technologies? Do you know when root users access data? When they SU and access data as a credentialed user? How do you automate and alarm on this data?
  18. 18. 18 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Vormetric Data Security Platform: Qualifying Questions ▌ How are you currently protecting your sensitive and regulated data at rest? What environments do you have? Windows, Unix, Linux; physical virtual cloud … Are your priorities to protect structured or unstructured data? What technologies for data-at-rest in Big Data or Containers are you using? Do you have multiple key managers? Need help with Nutanix, TDE keys or other devices with native encryption? ▌ Are you concerned about Root and IT Privileged user access? Do you need access controls that stops misuse of privilege user credentials? Are you interested in Security Intelligence logs that provide indicators of compromise and integrate with SIEMs? What about malware and APTs that are leveraging the privileged user credentials?
  19. 19. 19 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Vormetric Data Security Platform: Qualifying Questions ▌ Are you planning to build security up the stack and into your applications? To protect PII, PCI, PHI … Do you have users that need access to portions of the data? Are you considering Vaultless Tokenization, Data masking, or application encryption? ▌ Are your users storing information in S3, Box or other S3-like services (Caringo/object storage) Do users have the ability to store files in the environments above Do want to encrypt on premise and keep your keys on premise before the data reaches the cloud?
  20. 20. 20 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Customer Risk Determines Which Products to Position Application/Database File System Disk SECURITY COMPLEXITY
  21. 21. 21 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Customer Risk Determines Which Products to Position File encryption with access control Application/Database File System Disk SECURITY COMPLEXITY App Level Encryption, Tokenization, TDE, Data Masking Full Disk Encryption (FDE) Protect From vDatabase Admins, SQL Injections Physical theft of media External threats, Privileged User
  22. 22. 22 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Customer Risk Determines Which Products to Position Do you want to encrypt specific fields in columns? Do you want to encrypt files, file shares or databases? Do you want mask data based on user authorization? Do you have Full Disk Encryption? KMIP Client Devices? Certificates to vault? Application/Database File System Disk
  23. 23. 23 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Vormetric Products Protect at Different Levels in the Stack Application/Database File System Disk Key Management Encryption Gateway Transparent Encryption Application Encryption Tokenization
  24. 24. 24 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Products for Specific Use Cases ▌Do you have sensitive data in: Teradata? SAP HANA? S3, Box, S3-compatible services? Do you want to store keys on a central KMS? (VAE/KMIP/Vault/TDE) Encryption Gateway Key Management Transparent Encryption
  25. 25. 25 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Differentiating with the Vormetric Data Security Platform ▌ Vormetric Data Security Platform Mix products and solutions Enterprise-wide Deliver centralized key management FIPS and Common Criteria validated Always ready for the next use case ▌ Environments Any data: Structured and Unstructured Any Server: Windows, Linux, Unix Anywhere: Hybrid clouds and physical Cutting edge: Big Data, Docker, REST APIs ▌ Effective Flexible, fast deployment Efficient operations and performance Proven scalability Application Encryption Encryption Gateway Vormetric Data Security Manager Tokenization Data Masking Key Management Security Intelligence Transparent Encryption
  26. 26. 26 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN More Environments More Ways Most Comprehensive More Securely Lowest Cost More Ways Most Comprehensive More Securely Lowest Cost More Environments
  27. 27. www.thales-esecurity.com OPEN For Legacy Vormetric Customers and Channels For Identification of TeS Opportunity
  28. 28. 28 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN nShield HSMs are FIPS 140-2 Level 3 certified The nShield HSM family ▌ Market leading platform for trusted applications Certified implementations of all leading algorithms World’s fastest ECC performance Proven integration and developer support Secure execution for tamper resistant applications • Network attached appliance • Shared crypto resource • High-volume transactions • High availability nShield Connect • Server-embedded card • Dedicated processing • High performance • Compact PCIe design nShield SolonShield Edge • Portable HSM • Personal use • Small footprint • USB interface
  29. 29. 29 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Optimized key management architecture Operational Ease Hardened Security • Strict policy enforcement • No single point of attack • Powerful separation of duties • Zero-impact backups • Unlimited key capacity • Simplified key distribution Thales Security World Architecture
  30. 30. 30 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN nShield use cases – a small sample E-Ticketing Digital Cinema Manufacturing ▌ Digitally signed barcode helps ensure integrity and authenticity ▌ Authentication between playback devices and servers, content encryption, watermarking ▌ Unique identities & device authenticity to prevent counterfeiting ▌ Digital currency ▌ Cardholder data protection Cloud ▌ HSM provider for Microsoft Azure Key Vault ▌ First to provide ability to Bring Your Own Key to the cloud
  31. 31. 31 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN nShield - Data Protection ▌ nShield ▌ Are you standing up or refreshing a public key infrastructure (PKI)? ▌ Does your organization hold sensitive card holder or personal identifying information (PII)? ▌ Is your organization required to follow data privacy regulations? ▌ Do you control confidential intellectual property or high technology manufacturing processes? ▌ Are you protecting critical applications using software-based cryptography and have a need for stronger controls, such as— Isolation of encryption keys and crypto processes from the host environment Anti-tamper techniques for physical protection Strong authentication for administrators Strongly separated administrator domains Strongly enforced roles-based access and control High integrity random number generation to ensure key strength Processing offload to boost capacity?
  32. 32. 32 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Payment HSM Typical applications Card Issuing Payment Processing
  33. 33. 33 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN payShield use cases Mobile Point of Sale (mPOS) Mobile ProvisioningTransaction Processing ▌PIN block translation and card data validation to authorize transactions for any card scheme ▌ Point to Point Encryption (P2PE) protects payment data and reduces merchant PCI DSS scope Host Card Emulation (HCE) ▌ Secure mobile contactless payments at the point of sale ▌ Secure Element key management and application personalization Card Issuance ▌ Secure EMV card data preparation and PIN generation
  34. 34. 34 This document may not be reproduced, modified, adapted, published, translated, in any way, in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved. OPEN Payment Applications (Issuing / Acquiring) ▌ payShield ▌ Which payment application are you using – in-house or from a Thales ASAP partner (and If so, which one)? ▌ What unique security requirements do you have that are not fulfilled by off-the- shelf solutions? ▌ Do you require PCI HSM compliance in advance of card scheme mandates? ▌ Which new mobile payment solutions are you expecting to support? ▌ Have you considered HSM options to help lower your operating costs, including payShield Manager to eliminate most travel to data centers? CipherTrust for 24 X 7 monitoring of HSM utilization to identify performance bottlenecks? Dedicated software base packages to lower deployment costs? High resilience configurations to help deliver maximum system uptime? Software performance upgrades to maximize HSM investment?

×