For those who follow cloud adoption trends, you know that security has been a major concern for enterprise IT departments as they consider if, what, when, where, why and how to move various functions to the cloud. This is true for private and hybrid cloud implementations, and particularly for when evaluation is being done of multi-tenant solutions. Anyone who remains on the fence regarding the cloud because of security issues, including service providers seeking a means to offer a higher level of cloud-based security services to their customers, should give careful consideration to the latest solution from security industry leader SafeNet and their new SafeNet Crypto Hypervisor.
SafeNet believes this is the first solution that delivers high-assurance key vaulting and encryption services on demand in a cloud operational model. This is a two-fold solution. SafeNet says it will lower the total cost of ownership (TCO) significantly because it enables deployment of up to 95 percent less hardware and the streamlining of crypto administration. In addition, it provides centralized control through unified administration of elastic crypto services complemented by role-based, tamper-proof logs for simplified compliance.
Visibility, control and context are crucial to enterprise security in moving to the cloud
SafeNet’s take on industry trends is insightful. Realities are that confidence in perimeter security is waning, and organizations are facing pressure to adopt cloud strategies and consolidate their data center resources. In the process, security has become a paramount concern. As part of its Secure Breach strategy, the SafeNet Crypto Hypervisor is designed to enable organizations to virtualize their crypto resources in an efficient and scalable way, and ensure that all data can be safely encrypted, even as it moves in a virtualized environment, in order to prevent data loss.
The SafeNet Crypto Hypervisor lets enterprise IT departments and service providers deliver on-demand, elastic key vaulting and encryption services for data protection across physical, virtual, and cloud environments in minutes instead of days. It extends and virtualizes the SafeNet Luna SA 5 Hardware Security Module (HSM) to fit into the operational models of virtual and cloud environments.
The Crypto Hypervisor can be centrally controlled and configured by crypto administrators using the new SafeNet Crypto Command Center. The administrators can build a catalog of services available on the Crypto Hypervisor. Users can now log in to a web portal to view a catalog of services that they have permission to create. These users can provision the services they need on demand on shared physical hardware. This process can reduce new service rollout from days down to minutes.
Tsion Gonen, Chief Strategy Officer, SafeNet noted that: “The move to virtualization and cloud has revolutionized the way we store and protect data. This necessitates a similar revolution in the way in which crypto resources are shared and managed. Prior to the introduction of Crypto Hypervisor, it was a very manual and slow process for IT departments to deliver encryption services in the cloud, which slowed cloud adoption. Now, starting an encryption service is equivalent to a simple process like spinning up a new VM.”
Impressive list of customer benefits
As referenced above, there are several important benefits the Crypto Hypervisor delivers. These include:
- Cloud-compatible crypto:Enables organizations to consolidate crypto efforts, eliminate “islands of encryption,” and create a more secure and efficient operation. Organizations can use as little as 5 percent of the hardware they use today for the same amount of encryption services.
- Lower total cost:For the first time, a catalog of encryption services can be defined by the centralized administration team. Different users in different organizations can order these high-assurance key vault services on demand which means services that used to take days or even weeks to deliver can be enabled within minutes, and without centralized IT intervention.
- Central control: The Crypto Command Center can manage hundreds ofindependent virtualized HSMs. Strong audit controlswith tamper-evident, digitally-signed logs are maintained for all functions. This centralized control and logging allows customers to build a center of excellence around encryption and simplify the audit process.
- The most secure key vault available: The Crypto Hypervisor technology virtualizes the field-proven and trusted SafeNet Luna HSMs, which currently provide protection for over $1 trillion in daily financial transactions; offer five nines of availability; and are trusted by enterprises and governments around the world.
“Although encryption is becoming more common, data is only as safe as the keys protecting it,” said Christian A. Christiansen, Program Vice President of Security Products & Services with IDC. “Until now, hardware encryption solutions have not provided sufficient agility and flexibility needed in virtualized and cloud environments. Rolling out a virtual application that requires encryption, signed digital certificates, or other PKI functions can often add days or weeks to a project.”
SafeNet customers are impressed with the value of the Crypto Hypervisor
Comments from SafeNet customers illustrate the importance of the new capabilities. For example, Tim Weidenbach, Vice President of Product Management Landis+Gyr stated that: “Landis+Gyr is the global industry leader in smart grid energy management solutions for electricity, gas, and water utilities. Our customers set very high expectations of security and privacy protections on our metering solutions. PKI-based architectures are the best way we have found to secure the meters, prove integrity of the reported data, and protect customer privacy. SafeNet technologies have been critical in assuring that we continue to meet our customers’ most challenging security and privacy concerns.”
Mordecai Rosen, Executive Vice President Business Development Xceedium noted that: “Xceedium relies on SafeNet’s capabilities to deliver high assurance versions of Xsuite, the company’s privileged identity management platform. SafeNet’s Crypto Hypervisor has the potential to be a game-changer in the way we employ crypto resources.”
In terms of availability, it should be noted that SafeNet’s Crypto Hypervisor runs on SafeNet Luna SA 5 HSM hardware, which is currently available. The Crypto Command Center bundle is orderable now for future delivery. Luna 5.2 HSM software and Crypto Command Center are available now on a limited basis for select customers.
Encryption, visibility in the form of centralized control, lowering TCO and giving users the ability to get services quickly, all in one package is something that the market has been looking for. Indeed, given the pressures to move to the cloud and do so securely, to give IT the command and control they need to ensure compliance as well as security, and user desires to be able to have control and quick access to the services they need to be more productive, the SafeNet Crypto Hypervisor is something that enterprise IT and service providers are going to take a careful look at.
Edited by Rich Steeves