Would you consider giving up personal data in exchange for a third-party app to show you what your ninety-year-old self will look like? The rise of social media brought lots of joy to consumers’ lives, allowing users to get glimpses of their future selves, to find out their horoscopes, and to communicate with others across the globe. Read more
The latest best practices in enterprise data security include utilizing KMIP AND an encryption key management solution. While most security conscious companies are mindful of the latest advancements in storage encryption, there is a lack of attention to the requirements necessary to managing the thousands of keys generated from multiple data centers, storage devices, and software — specifically, enterprise level encryption key management systems have been overlooked, leaving companies vulnerable. Read more
How Key Management, PKI Controls, and Zero Trust Principles are Applied to Thwart Advanced Persistent Threats (APTs)
For years, cybersecurity professionals argued the importance of “zero trust networks” and their concerns have been fully validated in the wake of the SolarWinds incident. Hacking techniques likely used in the SolarWinds Sunburst attack include mapping of sIDHistory, Primary Group ID, as well as AdminSDHolder to help identify and obtain cached Active Directory credentials. The compromised SAML keys and cryptographic materials were then likely used to execute administrative control and exfiltrate data over an extended duration.
The advent of 5G is an exciting development in connectivity for most businesses. From the farmer who can now remotely monitor field conditions to the global manufacturing leader dependent upon a digital supply chain, to mom-and-pop shops offering real-time-customer service, 5G is changing the way business gets done. And both owners and consumers are enjoying the benefits!
For most, 5G still lacks the true “100 times faster” connection that service providers touted it would bring in 2019. But still, its improvements to speed and lower latency over 4G LTE for business connectivity have already established it as a game changer.
Although 5G is one of the fastest growing technologies in history with adoption 4x as fast as LTE, it will be years before 5G networks blanket the globe. However, explosive adoption is already well underway in the automotive, manufacturing, utilities, and healthcare industries, all of which have been catalysts for a rush on new IoT devices for business efficiencies, enhanced customer service, the movement of large amounts of data, and more.
As 5G network availability grows, the potential for 5G IoT business devices has grown exponentially. Unfortunately, the security risks have grown with it
The Department of Defense (DOD) put out a deadline mandating that specific controls for Covered Defense Information (CDI) and Controlled Unclassified Information (CUI) residing in nonfederal information systems be in place. Many DOD contractors and subcontractors have missed the deadline and are scrambling to update their cybersecurity standards.
FREDERICK, MARYLAND – Fornetix, LLC. today announced it has joined forces with Micron to offer a solution that provides secure and simple trusted Internet of Things (IoT) service delivery. The new solution combines Fornetix’s advanced encryption key management platform, VaultCore with Micron’s Authenta™ Key Management Service (KMS) to accelerate the massive deployment of IoT services, a global market predicted by ABI Research to reach $410 billion in revenue annually by 2026. VaultCore is expected to extend Authenta KMS’ reach through its highly scalable, high-performance and secure platform that supports the operational technology lifecycle from manufacture through deployment, and ultimately until device end-of-life. Read more
CCPA stands for California Consumer Privacy Act. However, your company doesn’t have to be located in California for this law to affect business. If you’ve collected personal data on at least 50,000 people, or have $25 million or more in annual revenue, CCPA applies to your organization.
Proposition 24, also known as the California Privacy Rights and Enforcement Act of 2020, was passed by California voters in the November 2020 election. Proposition 24 expands the reach and amends some provisions of CCPA, creating additional protections for Californians, and additional work for organizations.
In short, CCPA (and the passage of Proposition 24) was enacted to protect California residents’ data from theft or misuse. It was also created to compel companies collecting or storing Californians’ data to initiate more effective data security practices to curb the increasing number of data breaches negatively impacting Californians.
GorillaAt the core of CCPA’s initiatives is the new responsibility placed on organizations to encrypt sensitive data. Companies across the globe have quickly complied by increasing their encryption of data at rest, in motion, and in the Cloud. But this move to mass encrypt data has inadvertently created a staggering problem for many organizations – a 500-pound gorilla – that instead of helping protect sensitive data, has quelled efforts by leaving organizations with more encryption key material than can adequately and successfully be managed without a dedicated encryption Key Management System (KMS).
More data encryption means more encryption keys. The more keys that are generated and used, the higher the odds an attacker will find a way to compromise them. Just like passwords on our computers, encryption keys must be rotated as frequently as possible. The rotation of keys increases the complexity and expense of encryption exponentially, but greatly decreases the probability of a successful attack on data.
So How do You Get Rid of the Gorilla?
A proper solution would be to install a highly scalable encryption key management system that fully automates the key lifecycle thereby alleviating the excessive weight additional encryption keys have put on your security strategy.
Enter: Fornetix’s VaultCore™. This patented, next generation key management solution provides a robust, simple to use, and secure “set it and forget it” approach that works actively to protect your data. The VaultCore system allows organizations to put in place a re-keying schedule that matches their desired policy, often saving organizations tens of thousands of dollars by turning a manual process into a simple click of a button, and grossly reducing errors associated with human nature.
Delivered as a physical or virtual appliance, VaultCore delivers a unified approach to data security through deploying and enforcing encryption across the entire organization – across all devices. This means an organization has the power to store and control all encryption keys for all data and helps to ensure the organization is meeting CCPA by adequately protecting data through encryption AND key management.
The most scalable KMS available, VaultCore is capable of handling over 100 million keys, more than adequate for any industry as they grow and continue to strive to meet CCPA, GDPR and the myriad of other regulations being put in place.
For a deeper dive into understanding encryption key management and how it works with your current security strategy to meet CCPA to protect sensitive data and relieve your organization’s security strategy struggles, click here to read how Encryption Key Management is Saving Companies Struggling with California Consumer Privacy Act (CCPA).
FREDERICK, MARYLAND — Fornetix, LLC. today announced their technology partnership with ThinkOn Inc., Canada’s largest wholesale provider of cloud storage, compute, and networking resources. The VaultCore™ Key Management Solution will be deployed as an integral part of the ThinkOn suite of Infrastructure as a Service Offerings (IaaS), and will provide a critical layer of encryption management to ensure that sensitive data will remain secure wherever it resides.
“We are excited to partner with ThinkOn and introduce the VaultCore KMaaS Cloud solution to their ecosystem. We look forward to massive opportunities to work together providing the most secure solution on the market for encryption key management in the cloud,” said Mark Gilroy, CEO of Fornetix.
VaultCore will be providing encryption key management for ThinkOn’s cloud data storage environments enabling IT administrators and security professionals to manage encryption across their entire enterprise with precision, speed, and without impacting performance. ThinkOn will be utilizing VaultCore for cloud-based data management solutions where subscriber information is siloed and requires compliance with stringent laws and regulations involving privacy and protection of classified and sensitive data. VaultCore’s ability to delegate key user privileges for management via cloud services plays a pivotal role in the development of this partnership.
“At ThinkOn, we care about security and efficiency of cloud data management. We are very excited to align and partner with the best in industry innovators like Fornetix to deliver an enterprise level security framework to our subscribers,” said Craig McLellan, Founder of ThinkOn.
A key feature of VaultCore is its Policy Engine. VaultCore provides fine-grained inherited access controls for encryption, thus enabling organizations to define encryption key management use in line with their corporate policy. In addition to this, users can easily schedule and automate the full encryption key lifecycle process and manage over one hundred million keys across their entire infrastructure. VaultCore is certified as VMware Ready for Platform and Compute, providing seamless integration for datacenter environments that require KMIP.
At Fornetix we understand that managing encryption in today’s complex environment can seem an impossible task. That is why we created VaultCore, a simplified, automated, and secure encryption key management solution designed to address security challenges arising from the proliferation of IoT, big distributed networks, and rapid cloud adoption. Our commitment to standards and interoperability enable us to join forces with leading technologies around the globe to provide smart and unified security solutions that bring order to the chaos of encryption management. For more about Fornetix, please follow us on LinkedIn and Twitter.
ThinkOn is an exclusive wholesale provider of cloud infrastructure and data management services with over 150 partners and over 1,100 end subscribers in the commercial and public sector. ThinkOn’s cloud is engineered for high availability, reliability, and scalability to meet the requirements of all kinds of critical workload. Headquartered in Toronto, the company delivers true data availability, protection, and privacy with 20+ operating regions compliant to critical industry level certifications across the globe. For more information visit www.thinkon.com.
For press inquiries and more information contact:
SVP Global Marketing
Let us consider a scenario in which an organization, a general contractor utilizing at least one subcontractor, implements a production chain security strategy powered by encryption, but NEGLECTS the addition of a key management system. You’re the CISO, responsible for the cybersecurity strategy that ensures your organization’s information assets and technologies are adequately protected.
Your team implemented standards-based encryption across the board and provided a common software platform to your supply chain partners, allowing for data to be transferred securely between your organizations…or so you thought.
Suddenly, your organization gets word from a subcontractor that they’re experiencing unusual network activity. The cybersecurity strategy you spent months creating is clear; cut off your partner’s network, lock down your data, and as CISO, stay up all night hoping the bad actor wasn’t able to permeate your network’s exterior defenses. In the interim, your IT department heads begin the grievous task of pulling reports from various locations and mulling them over to better understand any potential impact.
In the early morning hours, you find out that there was indeed a breach, courtesy of your subcontractor’s less-than-robust “secure network.” A bad actor was able to breach your defenses through your subcontractor’s weaker network, grabbed your data, and basically left unnoticed until your subcontractor alerted you to a “possible problem.” You’ve already spent a good portion of the night calculating the estimated costs of just such a breach, and you’re now faced with explaining what happened to your CEO.
Now, rewind, and imagine that you are the CISO who went beyond just “checking the box” for data encryption
The CISO who went beyond just “checking the box” for data encryption when planning their security strategy slept like a baby while his IT department went home in time for dinner with their families. The subcontractor did experience a breach, but your organization was left unscathed. Thanks to the encryption key management system you integrated with your legacy system earlier in the year, the company’s data remained secure. With the automated, short-life periodic key rotations, and the system’s robust identity capabilities, applications, and storage services, the necessary insight and controls needed to thwart this sort of next generation attack were in place and all data remained secure.
Addressing the overall security of not only your enterprise, but also those in your supply or distribution chains, in a protection-centric approach, is the most cost-effective and simple solution you can add to your current security strategy to protect your data. Learn how one encryption key management solution like Fornetix® VaultCore™ can extend the reach and power of your encryption and better protect your data from attack.
For a deeper dive into understanding encryption key management and how CISOs, CTOs, and others tasked with implementing enterprise security strategy and securing data across multiple environments can utilize a key management system to better protect their data, click here to read The CISO’s Guide to Understanding Encryption Key Management.
FREDERICK, MARYLAND – Fornetix, a Nutanix partner, announced today that they will host a booth at Nutanix’s Global .NEXT Digital Experience conference September 8-11. Visit Fornetix’s digital booth and learn how Fornetix’s patented key encryption management technology, VaultCore™ integrates with the Nutanix platform to help companies:
- Reduce Costs by Executing & Scheduling Key Management Operations in Seconds
- Meet Compliance & Security Concerns with a Validated Solution
- Incorporate Key Management in Organizational Log Management Strategies
- Encrypt Virtual Machines Through Interoperability with vSphere 6.5
- Manage Keys Consistently Across Heterogeneous Environments
VaultCore is a highly scalable encryption key management solution that when coupled with Nutanix’s powerful, yet flexible, hyper-converged data center infrastructure creates a secure solution that orchestrates encryption strategy without hindering business productivity.
Nutanix applies a holistic approach to security throughout their solution which includes support for FIPS 140-2 compliant data-at-rest encryption, with options to leverage self-encrypting drives (SEDs) or software-based encryption using standard drives. This capability allows customers to encrypt data using strong encryption algorithms backed by enterprise grade key management.
With an integration made possible through the Key Management Interoperability Protocol (KMIP), Nutanix communicates with the Fornetix VaultCore™ Key Management System to ensure unification and control over encryption keys across the enterprise.
“We’re excited to be presenting our joint solution at the Nutanix .NEXT virtual conference,” says Mark Gilroy, CEO of Fornetix. “The combination of our innovative key management technology, VaultCore, and Nutanix’s storage software, provide a seamless solution at the largest scale available on the market to unify data control and security.”
The .NEXT Digital Experience will bring together visionaries, developers, and IT leaders from around the globe to share the latest in hybrid and multicloud computing, datacenter infrastructure, storage, end user computing, database and more. The interactive event will feature a virtual “expo floor” where attendees can explore and discover new ways to modernize and optimize their datacenter operations.
At Fornetix we understand that managing encryption in today’s complex environment can seem an impossible task. That is why we created VaultCore, a simplified, automated, and secure encryption key management solution designed to address security challenges arising from the proliferation of IoT, big distributed networks, and rapid cloud adoption. Our commitment to standards and interoperability enable us to join forces with leading technologies around the globe to provide smart and unified security solutions that bring order to the chaos of encryption management. To request a complimentary demo of VaultCore, click here.
For press inquiries and more information contact:
SVP Global Marketing