![Page 1: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/1.jpg)
History, Heresy & The Future of Data Encryption Martin Hellman Professor Emeritus, Stanford University Co-Inventor of Public Key Cryptography
Michael Callahan CMO and VP, CREDANT
Gretchen Hellman VP of Marketing and Product Management, Vormetric
![Page 2: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/2.jpg)
Agenda
• The State of Encryption Today
• Historical Perspective: The Inside Story on Inventing Public Key Cryptography
• Psychology, Risk and Encryption
• What Works in Cryptography
• CREDANT and Vormetric: Changing Perceptions in Cryptography
![Page 3: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/3.jpg)
Data Center
3
The Business Problem
Employee
Contractor Partner
Prospect List
Intellectual Property
Customer Credit Card Information Social Security Numbers
Classified Government Information
Airport
Internet Cafe
Home
Office
Site
Transit Patient Records
ALL Sensitive Corporate Data
![Page 4: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/4.jpg)
Compliance Regulations Expanding
4
• Data Compliance Laws are Driving the Market Many National Laws/Initiatives/Acts/Programs
• HIPAA, PCI, GLBA, SOX, FISMA, BITS 44 states, DC, Puerto Rico and the Virgin Islands have laws* States with no law yet
• Alabama, Kentucky, Mississippi, Missouri, New Mexico and South Dakota
![Page 5: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/5.jpg)
Why aren’t all Enterprises Encrypting?
Perception of encryption is behind advances in technology
Hard Expensive Unmanageable
Easy Economical Transparent
Perception - History Reality - State of the Art
![Page 6: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/6.jpg)
Introducing Professor Martin Hellman
• Co-Inventor Public Key Cryptography
• Professor Emeritus, EE, Stanford University
• Selected Awards: IEEE Fellow, Marconi Fellow,
Electronic Frontier Foundation Pioneer Award, Member of National Academy of Engineering
![Page 7: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/7.jpg)
Early 1970s: Looking Into the Future
![Page 8: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/8.jpg)
Finding Other “Fools”
Merkle Diffie Hellman
![Page 9: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/9.jpg)
Early Feedback About the Idea
![Page 10: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/10.jpg)
Identifying the Issues
• Ad-hoc communication with unknown users over computer networks
• Symmetric key distribution could not work
![Page 11: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/11.jpg)
Solving the Problem
• Identified the need to develop a 2 key system
• How could it be mathematically derived?
An important suggestion from Professor John Gill Stanford University
![Page 12: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/12.jpg)
1976 – New Directions in Cryptography
“We stand today on the brink of a revolution in cryptography”
![Page 13: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/13.jpg)
Building on the Foundation
• PKI
• Digital Signatures
• SSL
• Elliptic Curve
![Page 14: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/14.jpg)
Risk, Psychology and Encryption
• Resistance to addressing risk
• Cassandra, teenage immortality, nuclear risk, soaring and cryptography
• What we can do?
![Page 15: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/15.jpg)
Cryptography Today – What Works
• Integrated
• Transparent
• Automatic
![Page 16: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/16.jpg)
Martin Hellman’s Work Today
• NuclearRisk.org
• Recent work: Soaring, Cryptography and Nuclear Weapons
![Page 17: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/17.jpg)
CREDANT and Vormetric
Changing perceptions about Encryption
• Innovative approaches CREDANT – Endpoint Encryption Vormetric – Servers and Storage
• Focused on making encryption work Manageable, transparent, secure
“Vormetric made our key management and encryption as simple as it can be.”
— Troy Larson, VP of Information Systems, Metabank
“The CREDANT software is very transparent — most people don’t know it’s on the machine.” — David Fennel, IT Security Coordinator, Talisman Energy
![Page 18: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/18.jpg)
18
CREDANT Overview
![Page 19: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/19.jpg)
19
CREDANT Company Overview
2007 Data Security Leadership Quadrant
2007 & 2008: #1 Fastest Growing Private (Security) Company
Testergebnis: 8.6 Very Good
Founded - September 17, 2001 To enable customers to manage security of data on
any device Product Line - CREDANT Mobile Guardian (CMG)
Data-centric, policy based, centrally managed data protection solution that "Protects What Matters"- your critical information
Financial and Strategic Investors Leading Venture Capital Firms
Austin Ventures, Menlo Ventures, Crescendo Ventures
Cisco Systems & Intel Capital Accomplishments
More than 775 customers worldwide Protecting >5 Million endpoints globally Solution recognized by leading industry experts
![Page 20: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/20.jpg)
CREDANT’s Diverse Customer Base Spans Major Industries and Geographies
Aerospace & Defense
State and Local Government
Universities
Consumer Industries Drugs & Healthcare
Energy
Financial Services
Telecommunications, IT & Media
Public Sector
Retail & Leisure
20
![Page 21: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/21.jpg)
CREDANT’s Data-Centric Encryption More secure than other options
Disadvantage: • Encryption only on system
level - no awareness of user or type of data
• Only available for Desktops and Laptops
• System administration significantly impacted
• No separation of system and security administration
• No protection against copy onto external media
Full Disk Encryption
Complete encryption of hard disk, including boot
and system files
File & Folder Encryption
Files and Folders specifically selected by the user are
encrypted
Disadvantage:
• Security dependent on user behavior
• Temporary application files can leak information
• No central administration or key recovery
• Impossible to enforce or prove compliance
The CREDANT approach combines the best of “Full Disk Encryption“ and “File & Folder Encryption“ and overcomes their significant problems
CREDANT’S Data-Centric Encryption
• Data automatically encrypted based on policies
• Encryption awareness of users, groups, systems and data types
• System remains accessible for system administration
• Central Administration for all devices and storage media with automated key escrow for guaranteed recovery
• Automatic detection and enforced protection of external media
![Page 22: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/22.jpg)
22
CREDANT Simplifies the Solution
Full Compliance Reporting
Transparent to End-users
No Operational Impact
All Solutions Managed within One Web-based
Console
![Page 23: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/23.jpg)
Vormetric Overview
The Best in Enterprise Encryption
• Mature and Proven Founded in 2001, production deployments since 2003 Over 500 enterprises use Vormetric solutions
• Innovative Architecture Transparent to applications, databases, storage and users High performance, extendible, and rapidly deployable
• Strong and Growing Unparalleled partnerships Diverse expanding customer base standardizing on Vormetric
![Page 24: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/24.jpg)
• THE solution for DB2 and Informix
• THE solution for NetBackup
Strong Validation
• THE solution for securing the execution environment for Oracle DataVault
![Page 25: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/25.jpg)
• Secure, centralized policy and key management
• High performance
• Heterogeneous
• Rapidly deployable
• Extensible
Any File, Any Database, Any Application, Anywhere!
Vormetric Data Security
![Page 26: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/26.jpg)
Vormetric Simplifies Data Security
Oracle DB2 Informix
Sybase SQL Server MySQL
ERP CRM CMS
Care Management
CAD POS VoIP Dev Apps
Homegrown Applications
File Shares Flat Files Point
Encryption
HR Apps
![Page 27: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/27.jpg)
The Vormetric Approach
Users
Apps
File System
Databases
Volume Manager
• Encryption
• Access Control
• Audit
• Centralized management
![Page 28: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/28.jpg)
DB2 Oracle
Vormetric’s Extensible Solution
DAS
ERP
SAN NAS
SQL Sybase
IIS Apache WebLogic
File Servers FTP Servers Email Servers
CRM Payments
Other
CMS Custom
• Log Files • Password files
• Configuration files • Archive
• Data files • Transaction logs
• Exports • Backup
• File shares • Archive
• Content repositories • Multi-media
MySQL
VM
“ ” Future scalability to apply this solution where additional needs may arise was a significant consideration
Thomas Doughty, CISO, Prudential
![Page 29: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/29.jpg)
Summary
• Making encryption easy and effective from the endpoint to the core
• No impact to existing operations
• Keeping you compliant, out of the headlines and protected
![Page 30: History, Heresy & The Future of Data Encryptioncredant-security.co.uk/pdf/presentation/History-and-Heresy-Webcast.pdf · History, Heresy & The Future of Data Encryption ... and system](https://reader031.vdocuments.net/reader031/viewer/2022021823/5b4f0db77f8b9a3e6e8b77c2/html5/thumbnails/30.jpg)
Thank You!
CREDANT • [email protected] • www.credant.com • 866-CREDANT (273-3268)
Vormetric • [email protected] • www.vormetric.com • 888-267-3732
Q&A For More Information Contact: