HPE SecureData for Teradata
As with any data architecture deployment, enterprises face many security and regulatory compliance challenges, especially when looking to concentrate data from multiple sources in a Data Lake, enabling analytics on multiple types of data, and enabling access by many different users with varying analytic needs. With data in constant motion and with rising threats to sensitive data from both inside and outside the enterprise, HPE SecureData for Teradata ensures privacy of sensitive information is preserved end-to-end across the Teradata Unified Data Architecture (UDA)—from the moment of capture through business analysis applications and to the back-end data store.
Teradata Unified Data Architecture (UDA) is an integrated solution designed to make it easy to transform data into meaningful insights from big data environments. Teradata UDA unifies all forms of data into an architecture that helps you achieve a 360 degree view of your data so you can make smarter decisions based on relevant insights. And the best analytics generally involve sensitive customer and corporate information—transactions data, personally identifiable information, payment card information and more.
How It Works
HPE SecureData for Teradata provides native data encryption, stateless tokenization and stateless key management capabilities for customers looking to address compliance or regulatory requirements such as PCI, HIPAA, GLBA and international data privacy and residency regulations. Through the use of standards-based HPE Format-Preserving Encryption and tokenization technologies, Teradata customers can protect data at-rest, in-transit and in-use, without affecting database schemas or formats. The joint solution also provides data masking/de-identification, enabling data to be shared with less-trusted environments such as test/development, training or QA. The solution is implemented as User Defined Functions (UDFs) within Teradata, and provides unmatched performance and scalability to protect vital enterprise information assets.
With HPE Format-Preserving Encryption (FPE) and HPE Secure Stateless Tokenization (SST), data is protected as close to its source as possible, in a way that is scalable and format-preserving, and maintains the analytic meaning and logic of the data without live data exposure risk. HPE SecureData protects the data at the field-level so that it can be used by applications in its de-identified state, yet can also be selectively and securely reversed for those specific applications and users that require it. In this way, HPE SecureData enables data scientists to perform analytics on protected data, even while the value of the data to attackers has been removed. HPE SecureData provides multiple options for securing sensitive data used in Hadoop and the Teradata Unified Data Architecture–from applying data security at source applications, on ingestion into or within Hadoop clusters and Teradata, enabling secure analytics in Business Intelligence tools and downstream applications.
If you’re embarking on Hadoop adoption you know that sensitive customer and corporate data will be in the ecosystem – transactional data, intellectual property, customer files, and more. As Adrian Lane of Securosis has noted, “High quality data produces better analysis results—which is why a key ingredient is sensitive data.” Now the question becomes how to keep sensitive data secure as it moves into and beyond Hadoop, and—most importantly—how to protect the data but still make it accessible by many different users with varying analytic needs and ad-hoc processes. Watch now, to understand how to enable analytics and insights without security risk, and how to neutralize data breaches through data-centric technologies that can integrate with Hive, Sqoop, MapReduce and other Hadoop specific interfaces.
HPE SecureData is built on Stateless Key Management, which provides keys automatically with no key storage or database management issues such as key roll-over, back-up, recovery and audit. Support for encryption, tokenization and data masking protection techniques enable a broad range of use cases. HPE SecureData provides broad support for the multi-platform enterprise, including not only Teradata and Hadoop, but also HPE Haven, HPE NonStop, IBM z/OS, Linux, Windows, AWS, and more–in Big Data, cloud and on premise environments.
“Data protection needs to take into account both internal and external threats, including those against critical database and application resources. However, many protection mechanisms require application retooling or add complexity that delays or halts deployment. HPE Format-Preserving Encryption overcomes these issues. It’s an exciting step toward improved, simpler data protection and compliance with regulatory requirements.”