|
Recent Gartner research on security breaches indicated that companies spent over $90 per customer record lost, comprised of notification costs, credit reporting services, and legal fees. Gartner estimated that the cost of the encryption technology that would have prevented these breaches would be approximately $6 per customer record annually.
For more information on this report, visit: www.gartner.com.
STORAGE SECURITY: WHAT HAS CHANGED?
Over the last several years, a number of trends have raised security concerns around data at rest in storage environments. While billions of dollars have been spent on firewalls, intrusion prevention, and anti-virus solutions, these systems provide little or no protection against internal threats. Disgruntled or irresponsible employees, compromised VPN connections, rogue administrators, and service/contractor staff can easily circumvent these perimeter systems. This is a serious exposure, since a significant percentage of security breaches originate inside the firewall, where security is weakest.
AGGREGATION AND REPLICATION LEADS TO INCREASED EXPOSURE
|
|
Concurrent with this evolution in the security landscape, government and enterprise organizations have made a rapid shift towards aggregated storage networks. The business case for storage networks is also compelling: reduced costs, increased scalability and added operational flexibility. However, as storage networks grow in size and complexity, this consolidation dramatically increases the vulnerability of data -- a single breach can now compromise terabytes of information and millions of records. Modern storage systems provide little native security, and data is stored in vulnerable cleartext format. Further, data is frequently replicated to remote or third party sites for backup, compliance, outsourcing and disaster recovery programs. With every copy of data, organizations create additional access points, and increase the risk of security breaches.
ADDITIONAL MARKET DRIVERS: PRIVACY REGULATIONS
As a result of these trends and the rapid growth of identity theft, governments have enacted a variety of strict security regulations such as GLBA, HIPAA, Sarbanes-Oxley, Basel II, the European Privacy Directive, and CA SB1386. These regulations mandate the privacy and integrity of sensitive customer and corporate data, and require countermeasures against internal and external threats. Gartner Research recently predicted that by year-end 2006, failure to encrypt credit card numbers stored in a database will be considered legal negligence in civil cases of unauthorized disclosures (probability 0.8), and that by year-end 2007, 80% of Fortune 1000 enterprises will encrypt their sensitive data at rest (probability 0.8).
DECRU SOLUTIONS
Recent Gartner research on security breaches indicated that companies spent over $90 per customer record lost, comprised of notification costs, credit reporting services, and legal fees. Gartner estimated that the cost of the encryption technology that would have prevented these breaches would be approximately $6 per customer record annually.
The Decru solution represents the first and only unified platform for securing stored data across the enterprise, with support for NAS, DAS, SAN, Tape, and iSCSI environments. DataFort can be deployed transparently with no changes to applications, servers, desktops, storage, authentication, or user workflow, and negligible impact to overall performance.
Key storage security applications for the enterprise include:
Decru also supports the unique requirements for a range of government applications, including:
 |
Community of Interest separation |
|
Secure DR/COOP |
|
Coalition/Agency data sharing |
|
Classified Message Incident remediation (CMI) |
|
Security for data in harm's way |
|
