This weekend, I'm hosting a core conversation session at SXSW, titled, "Dear Taco Vendor, how are you securing my data?" When I submitted the topic, I thought the session would generate some good conversation, and maybe even make some people think. MAYBE. Mostly though, I loved the clever title (kudos to my wife for coming up with it) that combines one of my favorite foods with one of my favorite topics.
The gist of the session was this. Do you really know what you're getting when you trade your email address, scan your phone or provide any other type of personal information in exchange for free stuff? Where does this data go and how is it secured? Is it at risk for theft?
I work at a cyber-security company, so I'm not naive to the fact that there are certain dangers that come as a result of the wonderfully ubiquitous "series of tubes" that is the Internet. At Gazzang, we often deal in hackers, rogue employees, and vulnerabilities in modern data architectures like NoSQL and Hadoop. Our goal is to help companies keep sensitive data from being exposed. But in researching my session topic, I was amazed at how easy it is to expose someone's very personal identity simply by having access to their email address.
Toss a few bucks to a data aggregator, and there's almost nothing you can't find online. For example, a quick search of my Gmail address turned up my birthdate, last four residences with property values, the names of all my closest relatives, a ton of photos, my work history and links to pretty much everything I've said or done on social networks.
So much for an email address not constituting personally identifiable information.
My SXSW session isn't going to focus on whether shady people can access your sensitive data simply by knowing your email address. It's clear that they can. Instead, I want to focus on what that revelation means in a broader context:
Also, we can talk about tacos.
I hope you'll join me this Saturday at 3:30pm at the Sheraton.
Data-at-rest encryption is essential. It's a requirement for meeting compliance regulations like HIPAA, PCI, SOX and FERPA and is one of the most effective methods for protecting sensitive, business-critical information. What you may not realize is that - in addition to providing an "insurance policy" against data theft - encryption can also be an important revenue driver. More on that in a moment.
IBM Informix customers now realize the benefits of data encryption and key management from Gazzang, the leader in big data security. Gazzang's software suite has recently completed Informix certification. That means users of the hybrid database system can secure sensitive SQL and NoSQL data at rest with near zero performance impact to disk I/O or CPU utilization.
Gazzang does not require users to modify their Informix database nor the applications above it, and the encryption can be deployed on each datanode within minutes using standard DevOps scripts from Chef and Puppet. The solution supports a range of database types including SQL and MongoDB and currently encrypts more NoSQL and Hadoop environments than any other vendor.
How it works
Gazzang zNcrypt™ is a "virtual encrypted filesystem" that shims in at the Linux kernel and is transparent to the database and applications that sit above the filesystem. Data is encrypted "on the fly" as it's written to disk and decrypted when called back by the application. The solution leverages process-based access controls (ACLs) that ensure only authorized, trusted processes can access the data. By restricting data access to certain processes rather than users or roles, you can prevent super users like root from accessing data they don't necessarily need to see.
Gazzang zTrustee™ is a software-based key manager that secures and manages the keys separate from the encrypted data. This helps ensure a data breach doesn't also result in the loss of the encryption key. Remember, encryption is only as strong as the security of the encryption key. A compromised or weak key is all that's necessary for an unauthorized user or hacker to decrypt and access your sensitive data.
The Gazzang key manager allows the data owner to wrap several layers of policy around the key to prevent unauthorized access. For example, you can set limits on how many times a key can be retrieved or set a specific window of time at which the key might be available. A unique function of zTrustee is the ability to allow people to authorize or deny key retrievals. These individuals can only determine whether a key should be released, but never actually see the key. You can learn much more about zTrustee by visiting: http://www.gazzang.com/ztrustee-use-cases
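The policy layers described above (a retrieval limit, a time window, and trustees who vote on a release without ever seeing the key) can be modelled in a few lines. This is an added illustration, not Gazzang's code or the zTrustee API; the `ManagedKey` and `release` names, the rule that a single denial blocks release, and the sample trustees are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, time

@dataclass
class ManagedKey:                    # hypothetical model, not zTrustee's data format
    secret: bytes
    max_retrievals: int              # total releases allowed
    window: tuple                    # (start, end) time of day when release is allowed
    trustees: frozenset              # people allowed to vote on a release
    approvals_needed: int
    retrievals: int = 0

def release(key, now, votes):
    """votes maps trustee name -> True (authorize) / False (deny).
    Trustees only submit a vote; the secret goes to the requester alone.
    Returns (secret_or_None, reason)."""
    if key.retrievals >= key.max_retrievals:
        return None, "retrieval limit reached"
    start, end = key.window
    if not (start <= now.time() < end):
        return None, "outside release window"
    valid = {t: v for t, v in votes.items() if t in key.trustees}  # ignore non-trustees
    if any(v is False for v in valid.values()):
        return None, "denied by trustee"       # assumption: one denial blocks release
    if sum(1 for v in valid.values() if v is True) < key.approvals_needed:
        return None, "not enough approvals"
    key.retrievals += 1                        # count only successful releases
    return key.secret, "released"

def demo():
    key = ManagedKey(b"\x00" * 32, 2, (time(9), time(17)),   # constructed placeholder key
                     frozenset({"alice", "bob"}), 1)
    day, night = datetime(2014, 3, 3, 10, 0), datetime(2014, 3, 3, 23, 0)
    attempts = [(night, {"alice": True}), (day, {"mallory": True}),
                (day, {"alice": True, "bob": False}), (day, {"alice": True}),
                (day, {"bob": True}), (day, {"alice": True})]
    return [release(key, when, votes)[1] for when, votes in attempts]

if __name__ == "__main__":
    print(demo())
```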
Why encrypt Informix?
Earlier in this blog, I mentioned at-rest encryption is mandatory for meeting certain compliance requirements. But if you're using Informix to manage data on behalf of your end customers, chances are they're expecting you to encrypt everywhere and anywhere as well. We work with a number of companies that tell us they could not have won new business had they not encrypted customer data.
Let us show you how we can help encrypt your Informix data, whether it's in a public, private or hybrid cloud or on premise. Shoot us an email at email@example.com or register for a complimentary demo and trial.
The who's who of Big Data were out in full force at Strata last week, and like the fall Strata/Hadoop World event in New York, the Santa Clara showcase did not disappoint.
Allow me to share a few thoughts, straight from the Gazzang booth, which occupied prime real estate right by the food and beverage area:
1) The hype around big data has died down… a lot. As Svetlana Sicular of Gartner famously (or infamously) noted early last year, big data is descending into the "Trough of Disillusionment." While that sounds awful on the surface, it's actually a sign of a maturing market. It means all the talk and chest-beating about big data is waning, and the actual tools and technologies associated with the space are starting to yield results.
The sessions at this year's conference bore that out. In past events, sessions were dominated by "how-to's" on the latest big data platforms and applications. This year, we heard more from customers and consumers of big data. Sure, you expect to see organizations like Comcast, Netflix and Twitter at Strata, but how about the inventor of the ollie, a popular skateboarding trick that I nearly killed myself trying to pull off in the mid-'80s?
One session that particularly stood out was GE's talk on the Industrial Internet. Want a use case for big data, and Hadoop in particular? Look no further than how GE is enabling industrial devices (turbines, jet engines, locomotives) to connect and report back on their health, so no machine ever has to be taken offline. It's amazing to think about where this might lead.
2) The shift from big data hype to production is good for Gazzang as well. While we love to engage with organizations as early as possible in the big data buying process, the fact is that most companies don't think about data security until they start to work with sensitive, production-stage data. In years past, we'd get asked questions about whether we integrate with Hadoop, Cassandra, Mongo, Couch and Riak (by the way, the answer is yes, we do). This year, we heard from dozens of attendees about in-flight big data projects that require at-rest security. Quick shout out to our partners, Rackspace, Cloudera, Hortonworks, Pivotal, DataStax, MongoDB, sqrrl, IBM, Amazon, Basho, Couchbase and Intel for sending them our way.
3) Speaking of partners, Gazzang made and participated in a number of announcements related to our work with Big Data and Cloud leaders:
Our goal is to provide customers with the most comprehensive and proven data security solutions no matter what big data platform(s) they choose. I believe our depth and breadth of experience in these environments is critical to Gazzang being recognized as "The Big Data Security Experts."
4) What good is a trade show without any fun? For the entire run of the show, the Love Potion Amphora Art/Music Bus (yes, a real thing) was parked right behind our booth. Imagine trying to hold a deep conversation about filesystem encryption with THIS over your shoulder. Despite the distraction, we did manage to make some waves of our own, and we even walked away with an award, courtesy of our friends at Forbes.
Looking forward to seeing you all back in New York later this year.
Certification allows the U.S. Army to deploy Gazzang encryption and key management solutions throughout its IT infrastructure
AUSTIN, Texas, Feb. 19, 2014 – Gazzang, the big data security experts, today announced it has been granted a Certificate of Networthiness (CoN) from the U.S. Army Network Enterprise Technology Command (NETCOM) for its zNcrypt™ and zTrustee™ data security solutions.
The Certificate of Networthiness is required to assure that all outside software, tools or systems meet or exceed the U.S. Army’s requirements for reliability, security, architecture and integration when deployed within the Army’s existing IT infrastructure. The certification also applies to all the listed Army functional components that use the Army Enterprise Infrastructure, including National Guard, Army Reserve and other Army commands.
“Gazzang is proud to provide high-performance, software-defined data encryption and key management for the U.S. armed forces and protect information of critical importance to our national security,” said Larry Warnock, president and CEO of Gazzang. “The certification is a recognized and trusted benchmark and a great barometer for commercial organizations to use when evaluating their data security options.”
With the CoN, the following Gazzang software can be installed on any Army computer, server or related system:
For more information visit: http://www.gazzang.com/resources/certifications.
Gazzang provides data security solutions and expertise to help enterprises protect sensitive information and maintain performance in big data and cloud environments. Our technology enables SaaS vendors, health care organizations, financial institutions, public sector agencies and more to meet regulatory compliance initiatives, secure personally identifiable information and prevent unauthorized access to sensitive data and systems. The company is headquartered in Austin, Texas and backed by Austin Ventures and Silver Creek Ventures. For more information, visit www.gazzang.com.