Skip Navigation
  • Overview

    The cloud enables Big Data to soar to new heights. The cloud brings scale, computational power and lower cost; all things that U.S Federal Government agencies need to keep pace with the volumes of data being produced. When federal agencies think about a cloud-based Big Data strategy, a holistic approach is needed, especially for data security.

    Agencies must consider the end-to-end data lifecycle associated with Big Data, including producing, collecting, analyzing, storing, sharing and managing data – all of which have requirements for protection. While the cloud can support these lifecycle elements very well, it presents new challenges for data security. The cloud brings complexity that only adds to the already-complex Big Data ecosystem. For example, The cloud creates more accessibility options for Big Data, such as streaming, where users expect real-time delivery, along with more sophisticated query tools for searching and manipulating data. These capabilities may enhance the value of Big Data, but they introduce new security risks, especially around the scale and speed at which threats can propagate. With the cloud being a decentralized model, IT will have fewer controls compared to the current model of managing data onsite.

    Incorporating the cloud into your Big Data strategy requires a more comprehensive approach, and the starting point is to recognize the need for IT to adopt a security posture that is aligned with cloud-based technologies.

    So, how can you protect your Big Data in the cloud? ENCRYPT IT.

    Once data moves to the cloud, security becomes harder to manage. The cloud may help federal agencies scale more cost-effectively, but it is not safe to assume that Cloud Service Providers (CSPs) are able to meet compliance requirements or security expectations. This means that:

    1. Big Data owners need to own and manage their encryption to ensure that information is protected as it is stored in and moves to and from the cloud.
    2. Big Data owners need to own the generation and administration of the cryptographic keys used to encrypt data in the cloud.
    3. Big Data owners need cloud independent security solutions that can be applied wherever data is processed and stored—across private, hybrid, public, and multi-cloud environments

    Thales TCT Solutions for Protecting Big Data in the Cloud

    Thales TCT offers cloud independent encryption and key management solutions that enable agencies to store and manage Big Data in the cloud. Our solutions allow customers with U.S. supply chain requirements to effectively manage their security when working in different environments, across different platforms and with multiple cloud providers.

  • Thales TCT Solutions

    Cryptographic Key Management for the Cloud
    Thales TCT's KeySecure for Government is a cryptographic key manager that can be deployed as a hardware appliance on-premises or as a hardened virtual appliance in the cloud. By utilizing an on premises KeySecure for Government to securely generate, store and manage your cryptographic keys, you can ensure that you own and control your keys at all times.
    Whether embedded in the KeySecure for Government or used as a network-attached appliance, Luna Hardware Security Modules for Government provide a FIPS certified hardware root of trust for maximum security.


    Cloud-Independent Data-at-Rest Encryption Solutions
    KeySecure for Government integrates with various encryption solutions such as:

    • ProtectCloudStorage: Encrypts data using customers’ own keys before it is sent to cloud object storage
    • ProtectV: Provides full disk encryption of physical servers, virtual machines, and cloud instances
    • ProtectFile: Controls access and encrypts data in sensitive folders and files
    • ProtectApp: Encrypts sensitive field and application data at the point of creation
    • ProtectDB: Protects sensitive data across databases in the data center and the cloud

    Thales TCT'’s cloud independent encryption solutions enable your data to be seamlessly transferred to multiple clouds from various service providers.


    High Speed Encryption
    Data is often most vulnerable as it data moves to and from the cloud. Data owners should utilize network encryption solutions—either virtual or hardware-based—to ensure that their data is protected as it is transferred across the network. 

    Thales TCT's offers high speed encryption solutions that enable secure cloud connectivity:

    • CN9000 Series 100Gbps High-Assurance Mega Data Encryptor
    • CN6000 Series 1Gbps-10Gbps Scalable, High Assurance Ethernet Encryptor
    • CN4000 Series 10Mbps-1Gbps Versatile and Compact, Entry-level Ethernet Encryptor
    • CV1000 Hardened Virtual Encryptor for Extended WANs and SD-WANs
  • Resources

    Download our Industry Insight - Big Data and the Cloud: Best Practices for Data Security

    Download Now


This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.