Contain Key and Object Sprawl
Layering your security in the cloud – firewalls, intrusion detection, operations monitoring and data masking among other techniques – should be an enterprise best practice. In much the same way, protecting sensitive data requires a layered approach that includes transparent data encryption, tokenization, password hashing and salting, key management and access controls.
These security processes typically generate a mix of cryptographic keys, data tokens, SSL certificates and other opaque objects that require tight security in their own right. What’s more, the burgeoning use of “big data,” where data can be spread across hundreds of servers, magnifies the creation of these operational objects. An organization literally can have hundreds of thousands or more of these objects to track, not to mention the proliferation of disparate, proprietary management systems.
Gazzang zTrustee™ puts you back in control of your keys and objects with a centralized "virtual" hardware security module (vHSM) for all your opaque objects. This includes any and all encryption keys, not just those from Gazzang zNcrypt™. It also offers a unique multi-factor authentication solution built for cloud environments.
The key and certificate management solution enforces a broad range of policies for object authorization, expiration, revocation, retrieval limits and more and includes detailed audit logs on each action. Consolidating your important IT information objects into a centralized system significantly eases the management burden, reduces IT cost and prevents unauthorized access to sensitive data.