SafeNet Highlights Top Six Ways to Encrypt Sensitive Data on AWS

By Peter Bernstein March 25, 2014

There is no denying the power and market dominance of Amazon Web Services (AWS). In fact, a recent Gartner Group report estimated that AWS has more than five times the combined capacity of its next 14 rivals, and generated roughly $3 billion in annual revenues. Large enterprises are increasingly moving some of the data they used to house on their own computers to the AWS cloud, and the number of small and mid-sized businesses (SMBs) that have entrusted much if not all of their mission critical data to AWS has exploded.

While the benefits of moving to AWS are substantial, the realities are that such a move is not without concerns, particularly regarding security. IT professionals remain wary that data residing on AWS and ultimately on the move can create exposure of vital information to unauthorized users making it susceptible to being compromised in a variety of potentially extremely harmful and costly ways.

Given these concerns which in many ways are impeding even faster adoption of AWS, SafeNet, Inc., a leading provider of data protection solutions, has released a new e-book, 6 Ways to Enhance Security in AWS. It outlines how companies can demonstrate compliance and illustrate control of sensitive data, in order to help businesses in pay-as-you-go cloud services like AWS.

Six SafeNet solutions to enhance AWS security

SafeNet, calls its recommendations “common sense.” As an AWS Advanced Technology Partner, SafeNet has developed practical capabilities to help AWS customers mitigate risks and increase peace of mind.  SafeNet describes them as follows:

  • Roots of Trust – Whether protecting cryptographic keys or authenticating devices, roots of trust are components inherently trusted to perform one or more security-critical functions, available in both virtual security appliances and tamper-proof hardware appliances. The AWS CloudHSM service uses SafeNet’s tamper-resistant Luna® SA hardware security modules as its root of trust to provide customers with single-tenant appliances in the AWS cloud to meet their cryptographic storage needs. Luna modules meet several government security standards and integrate with a large number of cryptographic protocols, allowing organizations to demonstrate compliance with strict information regulations.
  • Centralized Encryption Key Management – SafeNet’s Virtual KeySecure for AWS Marketplace allows organizations to quickly deploy centralized key management in high-availability, clustered configurations, using a hardened virtual security appliance that runs in the AWS cloud. It securely stores and manages encryption keys and policies for AWS EC2 workloads, and ensures that organizations maintain ownership of their encryption keys at all times. SafeNet’s Crypto Management platform has the largest number of partner integrations in the industry. Availability on AWS expands this solution even further and allows more customers to take advantage of encryption key management for their organization.
  • Encryption and Pre-Boot Authentication for EC2 and EBS – SafeNet’s ProtectV™ for AWS Marketplace encrypts entire virtual machine instances and attached storage volumes while ensuring complete isolation of data and separation of duties. It unifies encryption and control across virtualized and cloud environments, and increases security and compliance for sensitive data residing in AWS EC2 instances. ProtectV™ also ensures that no virtual machine instance can launch without proper pre-boot authentication.
  • Client-Side Object Encryption for Amazon S3 – SafeNet ProtectApp provides customer-controlled client-side object encryption for storage in Amazon’s Simple Storage Service (S3) when integrated with AWS SDKs. ProtectApp forms an encryption client that provides application input keys to encrypt objects before loading them to storage, making data unreadable by unauthorized users and making sure the cloud provider never has access to unencrypted application data.
  • Storage Encryption for the AWS Storage Gateway – StorageSecure is a network encryption appliance that offers optimal protection of data at rest in physical, virtual, and cloud-based storage environments. It is a transparent solution that enables organizations to retain strict controls over data access by connecting an on-premises software appliance with AWS S3, establishing a seamless and secure integration between their on-premises storage environment and AWS. The AWS Storage Gateway appliance is installed on the customer premises and is connected to StorageSecure via the iSCSI protocol.
  • File Encryption for EC2 Instances and S3 – SafeNet ProtectFile provides automated file encryption for unstructured data contained in network drives and file servers. ProtectFile is deployed in tandem with SafeNet KeySecure and encrypts flat files that contain sensitive data, including text documents, spreadsheets, bitmap images, and vector drawings. The combined solution provides encryption and access control policies to protect designated folders and files via data-centric encryption.

“SafeNet has been protecting the valuable data assets of Fortune 500 companies, government agencies, and other organizations for more than 30 years,” said Prakash Panjwani, senior vice president and general manager, Data Protection Solutions, SafeNet. “As companies migrate to cloud services, SafeNet is in lockstep with them, providing strong encryption solutions that meet their needs for rigorous security, regardless of their environment.”

IT professionals regardless of the size or location of their company, as a result of the data breeches we are aware of from the headlines, along with unfortunately the marked increase of incidents that don’t make the news, have become painfully aware that strong encryption is becoming table stakes for mitigating risks.  Whether it is data at rest or on the fly, making it difficult to access, and extremely difficult to decipher is paramount. Strong encryption (pardon the pun) is key. It happens to be true in all instances, but is of particular importance when that data is stored and accessed not just in the cloud but on public shared cloud services like AWS.

This is an instance, if you are an AWS customer, where going by the book is something to strongly consider.  




Edited by Cassandra Tucker
SHARE THIS ARTICLE
Related Articles

4 Biohacking Facts You Should Know About in 2017

By: Special Guest    8/18/2017

When it comes to biohacking, a more recent development in science, it involves combining the idea of hacking with biology. In today's world, biohackin…

Read More

Rest Your Weary Fingers: Voice Activation is Coming to a CRM Near You

By: Special Guest    8/9/2017

We spend a lot of time talking to our gadgets these days. Whether we're seeking directions from Siri or weather updates from Alexa, speech is quickly …

Read More

Kevin Kennedy Stepping Down, Will New Leadership Help Guide Avaya Back into Prominence?

By: Erik Linask    8/7/2017

After more than eight years as Avaya's chief executive, Kevin Kennedy will be stepping down from that role as of October 1, 2017. He'll be replaced by…

Read More

Micro-CT Scans Allow Researchers to Study Live Insects in 3D

By: Kayla Matthews    8/7/2017

The things we don't know about the natural world could fill textbooks. That's why excitement is the most appropriate response when we discover new way…

Read More

Gogo Making Air Travel More Productive

By: Erik Linask    8/4/2017

Gogo created tremendous hype when it first enabled in-flight connectivity on American Airlines, back in 2008. But, anyone who has used in-flight Wi-Fi…

Read More