Data-centric protection

Voltage Security has announced Voltage SecureData™ Suite for Test/Dev, a new solution providing maximum data protection with industry standards-accepted, next-generation Voltage Format-preserving Encryption™ (FPE) and Secure Stateless Tokenization™ (SST) technologies.

  • 10 years ago Posted in

“Generating data for test and development environments presents serious challenges for enterprise security and risk management. An alarming number of data breaches, along with complex regulatory compliance requirements, highlight the need to de-identify sensitive data when moving from production to test, development, and training environments,” explained Mark Bower, vice president of product management and solutions architecture, Voltage Security.


When data is copied from production databases and used directly for application development, large volumes of private data accumulate on unprotected servers and workstations. The use of outsourced and offshore QA and development services further increases the risks and costs of data leakage – potentially resulting in damages affecting reputation, compliance, and revenues.


Traditional data masking solutions, such as random data generation, proprietary data scrambling, and rules-based masking, provide many data management and transformation capabilities, but don’t deliver the strong encryption and tokenization technologies that maximise data protection. Encryption has typically not been considered a viable option for creating test/dev data, because it changes the format and destroys data relationships. Voltage format-preserving encryption solves this problem by maintaining the data formats, preserving referential integrity, and providing user control over maintaining numeric ranges, date relationships, selected digits within fields, etc. The net result is the best of both worlds – taking advantage of strong data encryption while still maintaining the value of the data in test/dev environments without the risk of breach or cost burden of compensating controls.


Consisting of software, support and services, the Voltage SecureData Suite for Test / Dev is available in three application-specific configurations: Open Systems Standard Edition for basic data de-identification needs, the Open Systems Enterprise Edition for more frequent and complex de-identification needs, and the Mainframe Systems Edition for data de-identification directly on z/OS platforms.


The Voltage solution is designed to work with existing Test Data Management (TDM) and ETL tools, as well as customer-created data flows. It is perfectly suited to environments where test/dev data is either not currently protected or protected by “home-grown” techniques. Using Voltage industry standards-accepted, Format-preserving Encryption (FPE) can provide a safe harbor in the event of a data breach, while using Secure Stateless Tokenization™ (SST) can ensure development environments stay out of scope for PCI compliance. Using the Mainframe Systems Edition provides additional benefits of keeping the test data entirely within the mainframe environment, as well as providing additional data transformation capabilities.


Voltage SecureData brings a unique, proven data-centric approach to protection – where the access policy travels with the data itself – by permitting data encryption and tokenization without changes to data format or integrity, and eliminating the cost and complexity of issuing and managing certificates and symmetric keys. Voltage SecureData can immediately integrate with programs running on a wide range of platforms including Linux, Windows, IBM z/OS, Solaris, HP/UX, IBM/AIX, Mac OS, HP NonStop, Stratus, Teradata, and Hadoop.


Using the same components and technology as the rest of the Voltage SecureData product line, it can become part of an end-to-end, data-centric security architecture protecting data across an entire organisation, including production, disaster recovery and analytics, in addition to test and development. Voltage SecureData provides powerful data-centric solutions for businesses across many industries, including financial services, retail, e-commerce, healthcare, and telecoms, as well as one third of the global “top twenty” corporations and six of the top eight U.S. payment processors.
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...