More and more organizations have been asking to encrypt their data in business-critical SaaS applications such as Salesforce, ServiceNow, and Microsoft Office 365 with customer-managed keys to ensure compliance and provide additional data protection. Through integration with SafeNet’s leading key management solutions, McAfee now provides a scalable, standards-based solution to meet this request.
Enterprises will be able to utilize McAfee Secure encryption gateways integrated with SafeNet key management solutions. The joint solution enables on-premise, cloud-based, and hybrid deployment options. By providing customers with flexibility over deployment models, they can optimally leverage the benefits of cloud services while ensuring the best possible security controls.
A Flexible On-Premise Solution
With SafeNet key management solutions such as KeySecure via the Key Management Interoperability Protocol (KMIP) or the Luna SA attached HSM, companies can keep the keys to McAfee Secure encryption gateways on-premise. These options can be used alone or in tandem, ensuring solutions for various use-cases depending on the type of keys and data.
…Or Up in the Cloud
Increasingly companies seek to encrypt data stored in the cloud in services such as Salesforce.com. The joint solution with McAfee Secure and SafeNet Virtual KeySecure gives companies the ability to manage and store their encryption keys in a hardened virtual security appliance. Cloud-based key management offers an array of benefits including immediate scale, better ease of use, and faster time to value.
Compliance: McAfee + SafeNet Gets You There
Customer controlled keys with strong key management are essential for illustrating security, compliance and control of data in the cloud. With SafeNet and McAfee together, security teams can uniformly view, control, and administer cryptographic policies and keys for all their sensitive data, wherever it resides.
On top of heightened security and usability, the standards-based approach of the collaboration between McAfee and SafeNet facilitates compliance with corporate and regulatory requirements. For example, companies can store keys for data encrypted in the cloud in FIPS 140-2 Level 3-compliant hardware as an on-premise solution. In the cloud, enterprises can satisfy requirements like PCI compliance by storing keys in a virtual appliance such as Amazon Web Services (AWS) CloudHSM.
About the Author
Categories: Cloud Security