Cloud Security

Data Protection for the Cloud

More and more organizations are optimizing their environments by moving workloads to virtual machines (VMs) and the cloud. But many people hold on to the idea that virtualization isn’t a viable option because of the highly sensitive data they need to store and manage. On the contrary, with the right security mechanisms, any organization can migrate high-value data to the cloud or virtual data center.

Fortunately, Gemalto’s proven SafeNet two-factor authentication, encryption, and enterprise key management solutions turn any cloud environment into a trusted and compliant environment by solving the critical challenges of data governance, control, and ownership – no matter where you store your data.

Cloud Data Security Challenges We Address:

Cloud Security

Data Replication & Lack of Visibility

Snapshots and backups are taken daily, or even hourly, and automatically stored in the cloud. Do you know where they’ve been stored, or who can move and copy them? Can you trace unauthorized copying of data?

Cloud Security

New Class of Privileged Users

Virtualization and cloud computing require cooperation between security, storage, server, application, and cloud security admins – all with access to your most sensitive data. With this number of people, the risks of failing an audit, or an admin going rogue, grow exponentially.

Cloud Security

Data Loss from a Breach

In minutes, a disgruntled employee can load an entire virtual machine onto a thumb drive. Virtual data is easily lost or exposed as it moves between VMs or in the cloud. Can you prove that authorized users are accessing your data within their defined policies? Can you block access to compromised information?

Cloud Security

Security in Public Cloud Environments

SafeNet identity and data protection solutions help organizations that want to utilize Amazon Web Services, Microsoft Azure, IBM Softlayer, and VMware public cloud environments as well as applications developed on the Cloud Foundry platform.

Cloud Encryption and Authentication Solutions

Gemalto has developed a comprehensive set of cloud security solutions so that businesses can enjoy the full benefits of cloud computing while maintaining control in virtual environments. Our SafeNet solutions provide a data-centric approach, and allow for the expansion of the existing cloud computing security. The end result: a seamless and secure cloud deployment.

Encryption for Sensitive Data in the Cloud

SafeNet identity and data protection solutions help organizations that want to utilize Amazon Web Services, Microsoft Azure, IBM Softlayer, and VMware public cloud environments as well as applications developed on the Cloud Foundry platform.

Cloud Security

Secure Cloud-Based Applications

While the migration of applications to Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) enables dramatic savings for the company as well as improved access for users, this means that there is sensitive data in an environment that is not owned or under the control of the company. Without active protection of the applications, the potential risks associated with the loss of control and trust are significant.

Cloud Security
  • An application encryption solution deployed in combination with SafeNet KeySecure that supports a broad range of the most widely used Web application servers and enterprise applications – including those hosted on virtual machines and in the cloud.

    Learn More.

  • Protect access to cloud-based applications via centrally-managed strong authentication.

    Learn More.

Gemalto’s Cloud-Delivered “As-a-Service” Offerings

Gemalto’s cloud-delivered SafeNet authentication and encryption solutions give organizations the means to improve responsiveness while protecting the sensitive data being accessed and created by users from an increasing amount and variety of endpoints.

Cloud Security
  • Enables organizations to apply strong authentication onto multiple endpoints and address access control vulnerabilities.

    Learn More.

  • IT departments can now deliver on-demand, elastic crypto services for data protection via cloud environments. Establish a pool of pre-configured hardware security module (HSM) resources, and provide those resources to the teams that need them with SafeNet Crypto Command Center.

    Learn More.

Secure Cryptographic Keys in the Cloud

The virtualized nature of the cloud removes many of the control points that have traditionally helped protect sensitive information stored in-house. Administrators should have key managent controls in place to ensure that they are the only ones with control of that data’s cryptographic keys – especially when that data resides in the cloud.

Cloud Security
  • HSM provide FIPS and Common Criteria-certified storage of cryptographic keys, centralized key and policy management, sophisticated encryption, and a wide range of other control features that form the basis for secure, compliant cloud data operations.

    Learn More.

  • Centralizes the management of encryption keys used for the protection of sensitive data in virtualized and cloud environments.

    Learn More.

Securely Transmit Data to and from the Cloud

Organizations using a mix of on-site data centers and cloud storage must ensure high-speed, low-latency, and – above all – secure communication between these environments. With SafeNet high-speed encryptors, companies can secure communications over all cloud-based and internally hosted sites, increase productivity, lower costs, and improve organizational flexibility.

Cloud Security

PRODUCTS

Virtual Machine Encryption with SafeNet ProtectV

The industry’s first comprehensive cloud data protection solution, SafeNet ProtectV enables organizations to securely migrate to the cloud, encrypt entire virtual machine instances and attached storage, control access to data in the cloud, and address industry security standards and regulations.

Some of the many reasons enterprises choose SafeNet Protectv for their virtual machine encryption solution include:

Cloud Security

Support for popular environments

SafeNet ProtectV provides virtual machine encryption for a variety of popular public environments, including Amazon Web Services, Microsoft Azure, IBM SoftLayer Cloud, or VMware.

Cloud Security

Make the most of the cloud

Improve business agility while reducing costs with SafeNet ProtectV’s unified encryption and access control capabilities.

Cloud Security

Control encrypted data and encryption keys

Not only can you track the circumstances surrounding data access, but you can also revoke key access if you suspect a breach has or is about to occur.

Cloud Security

Isolate and control virtual machine instances

SafeNet ProtectV StartGuard pre-boot authentication ensures that no virtual machine can be launched without proper authorization.

Cloud Security

Achieve and maintain compliance

Address PCI DSS, HITECH/HIPAA, the EU’s GDPR, and other regulations by establishing clear accountability with audit trails and detailed compliance reporting.

SaaS Security: Cloud Access Control

When data and applications move to the cloud, user access—by default —takes place remotely. Organizations therefore have to implement user access controls for enterprise resources residing both in the cloud and within the confines of the data center. With enterprise security perimeters becoming increasingly blurry, organizations are having difficulty affording, implementing and managing consistent, unified access policies to distributed IT resources.

Cloud Security

Secure Cloud Access from Gemalto

Gemalto’s SafeNet Authentication Solutions overcome these challenges by allowing organizations to seamlessly extend secure access to the cloud through identity federation. SafeNet authentication platforms leverage organizations’ existing authentication infrastructures, allowing them to extend users’ on-premises identities to the cloud and enabling them to implement consistent access control policies for both cloud and network applications.

Authentication as a Service (AaaS)

SafeNet Authentication Service (SAS) delivers fully-automated, highly secure authentication-as-a service with flexible token options that are tailored to the unique needs of your organization, substantially reducing the total cost of operation.

Cloud Security

SafeNet Authentication Service

SafeNet Authentication Service (SAS) delivers fully-automated, highly secure authentication-as-a service with flexible token options that are tailored to the unique needs of your organization, substantially reducing the total cost of operation.

  • Fully Automated Management
  • Broad Integration Ecosystem
  • Cloud Efficiencies
  • Multi-tier/Multi-tenant Architecture
  • Broad Choice of 2FA Methods and Tokens
  • Standards-based Security
  • Flexible As-a-Service or On-Prem Delivery

Cryptography as a Service

It is common to deploy encryption for the protection and compliance of sensitive and personal information. The security level of any encryption solution often comes down to the security of the encryption keys. And storing the keys in special-purpose hardware, such as a hardware security module (HSM), is recommended by experts as a best practice.

However, until now hardware encryption solutions have not provided the agility and flexibility needed in virtualized and cloud environments. Rolling out a virtual application that requires encryption, signed digital certificates, or other PKI functions can often add days or weeks to a project.

Secure Cloud Access from Gemalto

With our SafeNet Crypto Command Center, the cloud’s first high-assurance key vaulting solution, enterprises can consolidate all their key vaulting and PKI services by moving away from physical HSMs to virtualized HSMs. 

Likewise, Service Providers can add high-value key-vaulting and PKI services to their hosted and cloud offerings that allow them to administrate the HSMs but never access their customers’ keys.

Cloud Security

With SafeNet Crypto Command Center you can benefit from:

  • Dramatic cost savings. Not only can your hardware requirements be reduced by as much as 95%, but Gemalto’s automation processes saves hours of work for each cryptographic resource.
  • Simplified management and administration. Self-service and encryption templates mean that crypto expertise isn’t required for crypto rollouts anymore.
  • Fewer security gaps. Centralized crypto expertise results in security and encryption policies that are enforced consistently across the enterprise.
  • Fast rollout. Now an enterprise can implement encryption in a new application in minutes, not hours.
  • Proven: Built on the market leading SafeNet HSMs which currently provide protection for over $1 trillion in daily financial transactions.

⇓ MOBILE SECTION ⇓

Cloud Data Security Challenges We Address:

  • Snapshots and backups are taken daily, or even hourly, and automatically stored in the cloud. Do you know where they’ve been stored, or who can move and copy them? Can you trace unauthorized copying of data?

  • Virtualization and cloud computing require cooperation between security, storage, server, application, and cloud security admins – all with access to your most sensitive data. With this number of people, the risks of failing an audit, or an admin going rogue, grow exponentially.

  • In minutes, a disgruntled employee can load an entire virtual machine onto a thumb drive. Virtual data is easily lost or exposed as it moves between VMs or in the cloud. Can you prove that authorized users are accessing your data within their defined policies? Can you block access to compromised information?

  • SafeNet identity and data protection solutions help organizations that want to utilize Amazon Web Services, Microsoft Azure, IBM Softlayer, and VMware public cloud environments as well as applications developed on the Cloud Foundry platform.

Cloud Encryption and Authentication Solutions

Encryption for Sensitive Data in the Cloud

Cloud Security

SafeNet identity and data protection solutions help organizations that want to utilize Amazon Web Services, Microsoft Azure, IBM Softlayer, and VMware public cloud environments as well as applications developed on the Cloud Foundry platform.
 

Secure Cloud-Based Applications

Cloud Security

While the migration of applications to Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) enables dramatic savings for the company as well as improved access for users, this means that there is sensitive data in an environment that is not owned or under the control of the company. Without active protection of the applications, the potential risks associated with the loss of control and trust are significant.

  • An application encryption solution deployed in combination with SafeNet KeySecure that supports a broad range of the most widely used Web application servers and enterprise applications – including those hosted on virtual machines and in the cloud.

    Learn More.

  • Protect access to cloud-based applications via centrally-managed strong authentication.

    Learn More.

Gemalto’s Cloud-Delivered “As-a-Service” Offerings

Cloud Security

Gemalto’s cloud-delivered SafeNet authentication and encryption solutions give organizations the means to improve responsiveness while protecting the sensitive data being accessed and created by users from an increasing amount and variety of endpoints.

  • Enables organizations to apply strong authentication onto multiple endpoints and address access control vulnerabilities.

    Learn More.

  • IT departments can now deliver on-demand, elastic crypto services for data protection via cloud environments. Establish a pool of pre-configured hardware security module (HSM) resources, and provide those resources to the teams that need them with SafeNet Crypto Command Center.

    Learn More.

Secure Cryptographic Keys in the Cloud

Cloud Security

The virtualized nature of the cloud removes many of the control points that have traditionally helped protect sensitive information stored in-house. Administrators should have key managent controls in place to ensure that they are the only ones with control of that data’s cryptographic keys – especially when that data resides in the cloud.

  • HSM provide FIPS and Common Criteria-certified storage of cryptographic keys, centralized key and policy management, sophisticated encryption, and a wide range of other control features that form the basis for secure, compliant cloud data operations.

    Learn More.

  • Centralizes the management of encryption keys used for the protection of sensitive data in virtualized and cloud environments.

    Learn More.

Securely Transmit Data to and from the Cloud

Cloud Security

Organizations using a mix of on-site data centers and cloud storage must ensure high-speed, low-latency, and – above all – secure communication between these environments. With SafeNet high-speed encryptors, companies can secure communications over all cloud-based and internally hosted sites, increase productivity, lower costs, and improve organizational flexibility.

PRODUCTS

Virtual Machine Encryption with SafeNet ProtectV

Cloud Security

The industry’s first comprehensive cloud data protection solution, SafeNet ProtectV enables organizations to securely migrate to the cloud, encrypt entire virtual machine instances and attached storage, control access to data in the cloud, and address industry security standards and regulations.

Some of the many reasons enterprises choose SafeNet Protectv for their virtual machine encryption solution include:

SaaS Security: Cloud Access Control

Cloud Security

When data and applications move to the cloud, user access—by default —takes place remotely. Organizations therefore have to implement user access controls for enterprise resources residing both in the cloud and within the confines of the data center. With enterprise security perimeters becoming increasingly blurry, organizations are having difficulty affording, implementing and managing consistent, unified access policies to distributed IT resources.

  • Gemalto’s SafeNet Authentication Solutions overcome these challenges by allowing organizations to seamlessly extend secure access to the cloud through identity federation. SafeNet authentication platforms leverage organizations’ existing authentication infrastructures, allowing them to extend users’ on-premises identities to the cloud and enabling them to implement consistent access control policies for both cloud and network applications.

    Learn More.

Authentication as a Service (AaaS)

Cloud Security

SafeNet Authentication Service (SAS) delivers fully-automated, highly secure authentication-as-a service with flexible token options that are tailored to the unique needs of your organization, substantially reducing the total cost of operation.

  • SafeNet Authentication Service (SAS) delivers fully-automated, highly secure authentication-as-a service with flexible token options that are tailored to the unique needs of your organization, substantially reducing the total cost of operation.

    • Fully Automated Management
    • Broad Integration Ecosystem
    • Cloud Efficiencies
    • Multi-tier/Multi-tenant Architecture
    • Broad Choice of 2FA Methods and Tokens
    • Standards-based Security
    • Flexible As-a-Service or On-Prem Delivery

    Learn More.

Cryptography as a Service

Cloud Security

It is common to deploy encryption for the protection and compliance of sensitive and personal information. The security level of any encryption solution often comes down to the security of the encryption keys. And storing the keys in special-purpose hardware, such as a hardware security module (HSM), is recommended by experts as a best practice.

  • With our SafeNet Crypto Command Center, the cloud’s first high-assurance key vaulting solution, enterprises can consolidate all their key vaulting and PKI services by moving away from physical HSMs to virtualized HSMs.

    Likewise, Service Providers can add high-value key-vaulting and PKI services to their hosted and cloud offerings that allow them to administrate the HSMs but never access their customers’ keys.

    With SafeNet Crypto Command Center you can benefit from:

    • Dramatic cost savings. Not only can your hardware requirements be reduced by as much as 95%, but Gemalto’s automation processes saves hours of work for each cryptographic resource.
    • Simplified management and administration. Self-service and encryption templates mean that crypto expertise isn’t required for crypto rollouts anymore.
    • Fewer security gaps. Centralized crypto expertise results in security and encryption policies that are enforced consistently across the enterprise.
    • Fast rollout. Now an enterprise can implement encryption in a new application in minutes, not hours.
    • Proven: Built on the market leading SafeNet HSMs which currently provide protection for over $1 trillion in daily financial transactions.

    Learn More.