Skip Navigation

Encrypting PHI wherever possible and reasonable can be one of the most effective approaches for fine tuning your HIPAA compliance efforts. The essence of HIPAA Security Rule compliance is finding and implementing the most reasonable process or control to minimize risks that have been identified and prevent breaches.

Download Now

Federal agencies require a simple way to correlate all security-relevant data so they can manage their security posture. Instead of merely watching events after they occur, agencies should anticipate their occurrence and implement measures to limit vulnerabilities in real time. For that, agencies need an analytics-driven SIEM platform such as Splunk.

However, once data is correlated by SEIM tools, it becomes extremely valuable. By integrating an encryption and key management solution such as Vormetric Data Security Platform with Splunk, agencies can ensure that their operational intelligence is protected from surreptitious attacks.

View this on-demand recording with Thales TCT to learn how to protect Splunk indexes and provide enhanced visibility on the processes and users who are accessing protected data.

Download Now

True data protection extends beyond the core. Agencies need to apply the same level of protection deployed at the core to the cloud and to remote or disconnected environments in the field.

Thales Trusted Cyber Technologies serves as a trusted, U.S. based source for cyber security solutions. We offer a broad selection of security solutions that secure, manage, distribute, and control access to your data and cryptographic keys.

 

In this second installment of a two-part series, Rob from Thales TCT demonstrates how to configure Apache web server to use Thales TCT's Luna Network HSM to protect the private key for the certificate used by the web server.

 

Thales Trusted Cyber Technologies, offers a network security solution that provides high-assurance data protection; dedicated encryption devices from 100Mbps to 100Gbps, support for multiple network and protocol configurations, secure key management, and authenticated end-to-end encryption.

During this on-demand webinar, you will have the opportunity to learn about:

  • Thales High Speed Encryption product line
  • High Speed Encryption use cases and network configuration
  • High Speed Encryption enterprise management
  • Transport Independent Mode

Download Now

Jane from Thales TCT demonstrated how to integrate HPE ESL G3 Tape Library with Thales TCT's KeySecure for Government KMIP compliant key manager.

 

Jane from Thales TCT demonstrates how to integrate Red Hat Certificate Authority, part of the Red Hat Certificate System 9.4, with Thales TCT's Luna Network HSM.

 

Thales TCT's CTO, Brent Hansen, shares his insight into taking a data-centric approach to security to enhance an agency's overall security posture and address CDM compliance requirements in his presentation at FCW's CDM Summit. Brent breaks down his decision tree methodology to help agencies validate the points of weakness and the tools available to achieve not only compliance but to provide the highest-level security posture.

 

As technology has evolved, the array of devices, applications and infrastructure have exploded, each providing a specialized type of data, protection or service. Distributed systems handle transactions; security/monitoring infrastructure monitors for  breaches and slowdowns; a myriad of applications make the best use of Web technologies. Each of these elements generate machine data that can be used to provide competitive advantages, gain insights into customer behavior and avoid security or compliance issues.  


This paper examines the use of Splunk as the platform to collect and index machine data from virtually any source, regardless of its location. Then, we will consider how Vormetric can interact seamlessly with the Splunk system to ensure compliance with security policies and regulatory mandates. 

Download Now

Learn how to integrate HPE MSL3040 with KeySecure for Government.

 

Learn how to integrate Microsoft OCSP with Luna HSM for Government.

 

Learn how to integrateHPE Primera Storage Platform Library with KeySecure for Government.

 

Learn how to integrate HPE StoreEver MSL G3 Series Tape Library with KeySecure for Government.

 

As healthcare stakeholders and systems become better connected, the volume of healthcare data created, processed, analyzed and stored is greater than ever. The increased use of HD video – either for collaboration or patient monitoring – is also changing the nature and format of healthcare data.

Download Now

This Insight is designed to help IT decision-makers understand what quantum computing represents for the future of cryptography and how data security practices will need to respond.

Download Now

The cloud provides new capabilities to develop more flexible offerings that are on par with premises-based versions – but at a lower cost and faster time to market. This, in turn, presents new models for government agencies to consider, either to augment or replace their existing data security infrastructure.

Download Now

Supply chain risk management (SCRM) has long been a key element of the manufacturing process, but as technology advances, the risk management challenges go well beyond the world of producing physical products such as hardware. ISO-based standards provide clear guidance on supply chain management, especially for conventional manufacturing, but U.S. Federal Government suppliers need to think more broadly in today’s digital economy.

Download Now

Opportunities for improving efficiencies in the public sector are so great that the adoption of technologies like RPA is being mandated. Not only do IT decision-makers for U.S. Federal agencies need to get up to speed on RPA, but they must also ensure that current levels of data security applied to humans extends to robots as well.

Download Now

At the heart of this for IT is ensuring that the data flowing to and from these “things” can be trusted. IT needs to create security awareness around IoT, especially for protecting data at the network edge. There will soon be too many IoT-enabled network access points for IT to manage, and a data security strategy is needed to protect the integrity of the edge devices, components, endpoints, etc.

Download Now

Once data is encrypted, the only way to gain access is by decrypting or unlocking secret content using the key. Haphazardly protecting these keys negates the entire process of encryption and creates a false sense of security. This white paper outlines best practices for deploying an effective cryptographic key managment strategy.

Download Now

The term Root of Trust (RoT) is commonly used in information security circles, but what does it mean? Why do we care? How does it apply to cryptographic controls? Modern computer systems are incredibly powerful and flexible. They can be molded to accomplish things that were unimaginable a mere decade ago. This same property makes them almost impossible to control and all too easy for malicious actors to find ways to disrupt them. To counter these threats, security experts have resorted to a wide range of cryptographic tools, and for these tools to function they need a trust worthy beginning.

Download Now

The Luna SA for Government uses a comprehensive three-layer authentication and access control model to achieve extremely strong security between the host application processes and the Luna SA for Government’s HSM partitions.This three-layer authentication and access control model was designed to allow the Luna SA for Government to offer network connectivity to clients without sacrificing the security requirements of HSM operations.

Download Now

For agency leaders and IT administrators responsible for data security—from the most basic statistics to highly sensitive documents—understanding the role of encryption and the management of encryption keys is vital to keeping confidential data just that—confidential. And, for organizations that entrust their data to cloud storage, it is essential that they understand the options available for safeguarding this protected data—even if it’s being managed in the cloud by a third-party vendor. This white paper discusses the importance of data encryption, the vulnerabilities of third-party encryption, the necessity of encryption key ownership, and how all of it affects the security of your organization’s data stored in the cloud.

Download Now

Everyone wants their eyes on the data to reduce costs, improve efficiency, develop new products, optimize offerings, and to make smarter, data-driven decisions. To meet these demands, data will need be produced in more places, stored in more places, processed in more places, and ultimately, shared and distributed to more places. As an IT professional, this isn’t new news. You’re living it – and it’s quite the data protection dilemma. The thought of sharing your organization’s sensitive data outside of your brick and mortar location (and outside of your watchful eye) is a growing concern. So how do you find a way to balance critical business needs and requirements, while protecting your data from malicious threats?

Download Now

This White Paper describes the comparative security and performance benefits of Ethernet WAN data security solutions. We compare the benefits of SafeNet Layer 2 high speed encryption hardware with integrated encryption using MACsec or TrustSec.

Download Now

So, you need to encrypt your sensitive data? Your data is in high demand, and you know it needs data-centric protection. With so many encryption options available, how do you find the right solution to protect your organization's sensitive data?

Download Now

As the old saying goes, “loose lips sink ships”. For today’s enterprises, it is network metadata doing the talking—and a lot of potentially dangerous entities are listening. This paper looks at the risks that metadata can pose to many organizations, and it reveals how transmission security can be used to create a safeguard against nefarious network traffic analysis.

Download Now

There are several challenges impeding adoption across federal agencies of PIV for privileged user access. Primarily, the time and cost required to migrate to PIV-enabled technologies for privileged user accounts can be unmanageable in the intermediate term. Pursuing technologies that support PIV-enablement of privileged user accounts is an evolutionary process and requires significant investment as systems are updated, replaced, or migrated. In many cases, this isn’t practical for legacy systems. Download this White Paper to learn why authenticators are proven and practical alternative to PIV.

Download Now

Acknowledging that cyber security is a monumental task, CDM has taken a structured approach by defining four phases that enable agencies to fold in different aspects of cyber security over time. The program begins with dashboards at both the federal and the agency/department level. The program then deploys sensors throughout the network infrastructure that address different strategic questions associated with network security.

Download Now

The Cloud First initiative is now a reality—civilian and defense agencies are being asked to default to cloud-based solutions when possible. In order to facilitate the transition to the cloud, the Federal Government has implemented the government-wide Federal Risk and Authorization Management Program (FedRAMP) to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Download Now

For US law enforcement agencies, complying with the Criminal Justice Information Services Security Policy (CJIS-SP) is an imperative requirement. However, it’s also critical to ensure that the security mechanisms employed don’t in any way impede staff in fulfilling the agencies’ chief charter: fighting crime. This paper examines data-in-transit encryption, which is an important component of CJIS-SP requirements. It offers a number of insights into the approaches that can help organizations address data-in-transit encryption policies most efficiently and effectively—while ensuring that investigators and other users always get reliable, timely access to the information they need to do their jobs.

Download Now

From medical records to insurance forms to prescription services, the healthcare industry has become a networked environment— allowing patient information to be shared and managed by a variety of parties and from a number of endpoints, each with their own level of security for protecting that information. 

Download Now

As healthcare stakeholders and systems become better connected, the volume of healthcare data created, processed, analyzed and stored is greater than ever. The increased use of HD video – either for collaboration or patient monitoring – is also changing the nature and format of healthcare data.

Download Now

While HITECH provides ample incentives for healthcare organizations to employ EHR systems, it also builds on HIPAA to provide more stringent security and privacy rules. Therefore, healthcare organizations that leverage EHR systems must also ensure regulated information is consistently and effectively safeguarded—and do so for as long as that data must be retained, which can be decades in many cases. This paper reveals a key vulnerability that is prevalent in many organizations that have adopted EHR: regulated data held in digital storage systems. The paper also reveals how solutions offered by SafeNet Assured Technologies can help secure this critical area in the healthcare organization’s infrastructure.

Download Now

This Industry Insight highlights three best practices for IT to focus on for data security. Incorporating the cloud into your Big Data strategy requires a more comprehensive approach, and the starting point is to recognize the need for IT to adopt a security posture that is aligned with cloud-based technologies. The following three responses will help set that alignment, after which the direction for your longer path will be clearer.

Download Now

Attendees of this webcast learned how to easily secure data in a virtual environment through encryption in order to:

  • Ensure compliance with regulations and security policies
  • Protect directory services and intellectual property
  • Secure data in disaster recovery sites

Download Now

Attendees of this SafeNet Assured Technologies, Carahsoft, Emergent and V3Gate webinar learned how to apply the Encrypt Everything philosophy to protect PHI data. We broke down the HIPAA mandate and taught participants how to implement best practices to address key regulations, such as:

  • Workforce and workplace security
  • Information access management
  • Contingency plans
  • Personal and entity authentication 
  • Transmission security 

Download Now

Attendees of this webcast learned about next generation authentication methods that provide secure access to networks and applications from a variety of devices while ensuring compliance. We also discussed:

  • FISMA Compliance & Electronic Authentication Guidelines
  • HSPD-12 Compliance & PIV Derived Credentials for Remote Identity Populations

Download Now

Attendees of this webcast learned the best practices for Layer 2 network encryption, such as:

  • Protecting networks from fiber tapping threats and private VLAN vulnerabilities
  • Complying with mandates
  • Implementing flexible, future-proof designs
  • Ensuring performance and efficiency
  • Employing a cost effective solution

Download Now

Attendees of this webcast learned about best practices for high speed network encryption. During this time, we explored:

  • Benefits of layer 2 network encryption
  • Utilizing transmission security to protect data in motion
  • Protecting closed-circuit television and video surveillance transmissions
  • Securing point-to-point and point-to-multi point communications

Download Now

Attendees of this webcast learned about best practices for protecting high value data-at-rest, including:

  • Implementing dynamic encryption for data-at-rest protection
  • Centralizing key management to secure and manage encryption keys
  • Separating server administration responsibility from data access and key management

Download Now

Attendees of this webcast learned about best practices for protecting high value data-at-rest, including:

  • Implementing dynamic encryption for data-at-rest protection
  • Centralizing key management to secure and manage encryption keys
  • Separating server administration responsibility from data access and key management

Download Now

Attendees of this webcast learned more about the three-step process to effective data at rest protection. During this time we discussed:

  • How to identify your high value data assets and create a plan to protect them
  • Different encryption methods for structured and unstructured data
  • Importance of key management

Download Now

Attendees of this webcast learned why enterprise key management is a vital component of a robust data security architecture enabling you to:

  • Protect data against physical theft of disk drives
  • Meet compliance and/or audit mandates
  • Protect intellectual property in multi-tenant environments
  • Secure data located in disaster recovery sites
  • Refresh legacy key management solutions
  • Maintain high performance and availability of user files

Download Now

Attendees of this webcast learned how encryption provides a trusted storage security solution for:

  • Data isolation in multi-tenant environments
  • Privileged user risk mitigation
  • Compliance
  • Archived data and intellectual property protection

Download Now

Attendees of this webcast learned why securing encryption keys in a dedicated hardware key manager better protects your data. During this time, we discussed:

  • Vulnerabilities of storing keys on a server
  • Benefits of external hardware key management
  • Importance of separating administrative duties

Download Now

Attendees of this webcast learned more about the:

  • Administrative burden required to manage fragmented key stores and associated lifecycle operations
  • Inability to provide a consistent policy across multiple encryption solutions
  • Importance of enhanced key protection (FIPS 140-2 Level 3) and governance across key lifecycles

Download Now

Attendees of this webcast learned how you can employ a hardware-based digital signature solution to ensure the validity of critical documents with an easy-to-deploy, high-assurance solution using Adobe® LiveCycle® and SafeNet's Luna SA Hardware Security Module, including how to:

  • Guarantee signer authenticity and data integrity
  • Streamline business processes
  • Reduce costs associated with traditional paper-based processes
  • Ensure legal compliance

Download Now

Attendees of this learned how to easily deploy a cost-effective DNSSEC solution that does not increase the burden on DNS administrators and:

  • Boosts security
  • Reduces costs
  • Controls access
  • Maintains application integrity
  • Scales to accommodate high volume processing

Download Now

Attendees of this webcast learned how to protect cryptographic keys by easily integrating hardware security modules to applications in order to secure:

  • PKI/Certificate Services
  • Database and File Encryption
  • Web Services
  • Cloud Services

Download Now

Cipher Summit 2019 Replay

Check out the on demand videos and presentations from the event. Download Now

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.

Accept