Sign In

 

​ ​

DATA CENTRIC SECURITY

Gartner predicts that, through 2016, more than 80 percent of organizations will fail to develop a consolidated data security policy across silos, leading to potential non compliance, security breaches and financial liabilities.


"Businesses have traditionally managed data within structured and unstructured silos, driven by inherent requirements to deploy relational database management systems, file storage systems and unstructured file shares," said Brian Lowans, principal research analyst at Gartner. "However, the advent of big data and cloud storage environments is transforming the way in which data is stored, accessed and processed, and CISOs need to develop a data-centric security approach. Unfortunately this is not common practice today, and its planning is critical to avoid uncoordinated data security policies and management."

DATA CENTRIC PROTECTION - Security that stays with the Data

DATA CENTRIC SECURITY.bmp

As discussed in Domain 11 of the Security Guidance for Critical Areas of Focus in Cloud Computing V2.1¹, one important way to increase data protection, confidentiality and integrity is to ensure that the data is protected in transit and at rest within the cloud using file-encryption. As the CSA Security Guidance points out, "encryption offers the benefits of minimum reliance on the cloud service provider and lack of dependence on detection of operational failure." 
¹Cloud Computing V2.1, http://www.cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf

 

Data centric protection through encryption renders the data unusable to anyone that does not have the key to decrypt it. No matter whether the data is in motion or at rest, it remains protected. The owner of the decryptions keys maintains the security of that data and can decide who and what to allow access to the data. Encryption procedures can be integrated into the existing workflow for cloud services. For example, an admin could encrypt all backup data before sending it into the storage cloud. An executive can protect corporate IP before putting in into the private cloud. And a sales representative cloud encrypt a private customer contract before sending it to a collaborative worksite, like SharePoint, in the public cloud.

DATA CENTRIC SECURITY - Stealth Software / SharePoint

StealthBullet.png

Stealth Content Store separates structured and unstructured data at the SharePoint server layer – only the structured data (metadata and content id) is stored in the SQL database while the unstructured data (BLOBs) can be written directly to an external storage platform or a Cloud platform – of the customer’s choice.

​Stealth Content Store 5.0 encrypts data at the SharePoint server layer. Data is encrypted with an AES 256 key at the file level so that data is protected "in flight" to and "at rest" on the target storage platform.

​Stealth Content Store leverages standard, Microsoft supported API’s (Microsoft SQL Server Remote BLOB Store (RBS)) to efficiently and securely store and access BLOBs in the target storage platform.

The customer generates and controls the encryption keys on premise.

Whether the data is stored on premise or in the Cloud – the data is protected against unauthorized access. The Cloud provider cannot read the data and if the data is inadvertently or intentionally shared – only an AES 256 encrypted BLOB would be revealed – totally unintelligible to the unauthorized recipient.

In addition, Stealth Extranet for SharePoint (EFS) provides a secure file sharing solution that allows a customer to share documents (with 2 factor authentication) directly from SharePoint to an outside recipient.

 

The recipient receives a link and after registering and establishing a password – the recipient receives a PIN which enable the recipient to access the authorized document. The outside user is completely isolated from the customer’s SharePoint environment. Stealth EFS maintains a complete audit trail for review and e-discovery.

STEALTH Software provides a highly scalable, data-centric security solution for Microsoft SharePoint.