Data Security Solutions for Managed-Service Providers

Security Concerns

Security is the chief impediment to more pervasive adoption of managed-service models. By addressing security concerns, service providers can establish strong market differentiation, expand their presence in existing accounts, and boost market share.

Compliance and Trust Concerns

Potential managed-service customers are concerned about compliance, security and trusting service providers themselves, when they consider moving workloads with sensitive data to managed-service environments.

Data Security as a Service (DSaaS)

The Vormetric Data Security Platform from Thales eSecurity makes it simple for Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS), and Platform-as-a-Service (PaaS) providers to extend their product offerings to include data security as a service offerings (DSaaS).

Solution Features

The Vormetric solution from Thales eSecurity features:

• Capabilities for data-at-rest encryption at the file-level, application-layer
• A cloud encryption gateway
• On-premises and off-premises key management support
• Tokenization
• Privileged user access control
• Security intelligence logs that can be used for end-customer security analytics and compliance reporting.

Flexible Delivery Options

The Vormetric Data Security Platform features a flexible policy and key management deployment architecture, so you can support multiple implementation options, and tailor your approach to your customers’ specific security demands and business models. Leveraging the Vormetric Data Security Manager (DSM) you can offer support for the following key and policy management deployment approaches:

• Customer on-premises deployment. Vormetric Data Security Manager can be deployed as a virtual appliance or FIPS 140-2 validated appliance that is hosted on your customer’s premise.
• Cloud-based deployment. Vormetric Data Security Manager can be implemented as a virtual appliance or a FIPS 140-2 validated appliance that is hosted in your environment.

No matter which appliance or hosting approach your customers choose, you can help your customers ensure that unauthorized users—even your own system administrators—never get access to administrative controls and cryptographic assets. With Vormetric Data Security Manager’s granular access controls, separation of duties, and detailed auditing capabilities, you can give customers the visibility and control they need to restrict administrative access and centrally manage policies.

In addition, if your customers need to enable employees and partners to work with the data without seeing the actual values, Vormetric Tokenization and Dynamic Masking lets administrators establish policies to return an entire field tokenized or dynamically mask parts of a field. With the solution’s format-preserving tokenization capabilities, managers can restrict access to sensitive assets, yet at the same time, format the protected data in a way that enables many users to do their jobs.

For IaaS, PaaS and SaaS providers, click here to review Vormetric’s Cloud Partner Program designed to enable cloud, application, hosting and managed service providers who want to deliver best-in-class security services and meet compliance needs for their end customers.

IaaS providers can discuss their specific data security as a service questions and deployment options by contacting us at cloudpartners@vormetric.com.

SaaS and PaaS providers can learn more about how to design and integrate data encryption capabilities into your application and platform service offerings here or contact Vormetric at SaaS@vormetric.com.

Service Provider Benefits

With Thales eSecurity your service can support compelling data-centric security services that you can sell and deliver to your customers. With these services, your organization can:

• Expand revenues. Address the data security and compliance concerns that are keeping customers from moving sensitive data and workloads to your managed-service environments.
• Deliver managed-service provider security services. With your Vormetric powered service, you can help your customers address their compliance mandates and you can address your contractual obligations concerning customer data access.
• Reduce business risk. With the Vormetric Data Security Platform, your customers can institute systematic controls that prohibit any unauthorized users—including anyone on your staff—from accessing sensitive data. At the same time, the platform won’t hinder your administrators from doing the tasks they need to support and optimize their implementations. As a result, you and your customers can reduce risk.
• Cloud-based business model. As a Vormetric Cloud Partner you can take advantage of subscription based service provider pricing and advanced customer support that stands behind your customer support team 24x7.

Customer Benefits

When you deliver data-centric security services powered by Vormetric, your customers can realize these advantages:

• Address compliance mandates. With Thales eSecurity's Vormetric products, your business can provide the controls, visibility, and auditability your customers need to comply with internal policies and mandates. You can help customers run services in the cloud without compromising compliance, including the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), or other standards.
• Reduce risk of data breaches. With Vormetric encryption, your clients can dramatically reduce their exposure to a devastating data breach. Executives can be assured that, even if there’s a breach of your facilities, encrypted data won’t be compromised, which means they can avoid the forced disclosures required by privacy regulations.
• Retain persistent control—no matter what. In the cloud, data assets can be replicated to many different repositories and, even after a virtual machine is decommissioned, data remnants may still exist. With Thales eSecurity, your customers can ensure data remains encrypted, no matter where it is copied or saved. In addition, customers can delete the keys for a specific set of encrypted data, so they can effectively digitally shred data and ensure it won’t ever be accessed in the clear.
• More fully leverage the cloud. Potential security and compliance gaps have restricted businesses from moving many sensitive assets and services into the cloud. With Vormetric, you can deliver the safeguards and controls these organizations need to more fully leverage your cloud services.
• Avoid unauthorized government access to your data. Even if your organization receives a subpoena requiring the submission of the digital assets of one or more of your clients, customers with Vormetric will be able to retain control over keys, and so retain control over whether any encrypted assets get decrypted or not.