HPE SecureData provides an end-to-end data-centric approach for enterprise data protection. This unique and flexible suite of encryption technologies protects data over its entire lifecycle—from the point at which it’s captured, when at rest, and throughout its movement across the extended enterprise, all without exposing live information to high-risk, high-threat environments. Data is protected persistently as it moves from application to application and across the IT ecosystem—at rest, in motion and in use, without gaps in security.
Next Generation Technologies for the Data-driven Economy
HPE SecureData includes next generation technologies, Hyper Format-Preserving Encryption (FPE), Hyper Secure Stateless Tokenization (SST), HPE Stateless Key Management, and data masking. HPE SecureData “de-identifies” data, rendering it useless to attackers, while maintaining its usability and referential integrity for data processes, applications and services.
Effective and efficient data-centric audit and protection (DCAP) capabilities offered by HPE SecureData through our security and information governance portfolio of solutions combine extensive data security and audit functionality with simplified discovery, classification, granular policy controls, user and role based access and real-time data and user activity monitoring to help automate data security and regulatory compliance.
Industry-accepted standards are a critical vetting criteria when seeking high security assurance encryption–and not all FPE is the same: HPE SecureData includes the industry’s first Federal Information Processing Standard (FIPS) 140-2 validation of Format-Preserving Encryption (FPE), and HPE SecureData also has the world’s first FIPS-validated AES-FF1 encryption configuration option to operate in strict FIPS mode, delivering a proven method of protecting data for U.S. federal agencies and departments, and global enterprises. Hyper FPE is FIPS 140-2 approved, leveraging the NIST FF1 AES encryption standard, backed by security proofs, to encrypt virtually unlimited data types. Hyper FPE technology delivers a proven and approved method of protecting data for U.S. federal and other government agencies, global enterprises, and organizations that need to comply with General Data Protection Regulation (GDPR) requirements or similar regulatory mandates.
Integrated HSM: The integration of HPE SecureData with HPE Atalla HSM offers organizations physical and logical data protection, a FIPS validated hardware solution for storing and managing keys, and centralized configuration and security policy enforcement, making it simpler for customers to manage data protection
- Simplify data-centric audit and protection (DCAP) capabilities with a single security and information governance framework across applications, business processes and analytics
- Neutralize costly and brand damaging data breaches
- Enable compliance to privacy regulations and address legislation, such as GDPR, PCI DSS, and HIPAA
- Reduce compliance audit scope, costs and resources
- Secure your most sensitive secrets, with an integrated hardware root of trust
Key Features and Capabilities
Sensitive data is protected with NIST-Standard FF1 AES encryption, pioneered by Hewlett Packard Enterprise.
Unicode Latin 1
Provides format and character set preserving encryption for global enterprises in languages such as German, Spanish, French and much more.
General Data Protection Regulation (GDPR)
Supports the encryption and pseudonymization guidance in the new GDPR legislation for European Union.
Central policy management and control
Stateless key management
Dynamically derives keys on-the-fly after authorization, thus eliminating the need to store or manage keys and seamlessly integrates with existing identity management and authorization systems to provide policy based access to data.
Simple, high performance
native platform APIs covering enterprise and cloud platforms
Enables native platform encryption for efficiency on a broad range of
Easy to use web services API’s for distributed and cloud environments
High performance Web services interfaces enabling encryption and tokenization for enterprise applications, middleware, cloud broker systems and cloud applications.
Support for diverse platforms for enterprise, Big Data, and cloud data security
Enables the consistent and compatible structured and unstructured data protection across Windows, Linux, AIX, Solaris, HP-UX, HPE Vertica, HPE NonStop, Stratus VOS, IBM z/OS, AWS, Azure, popular cloud stacks,
Hadoop and Teradata.
Agnostic of databases
Compatible with Hadoop, Oracle, DB2, MySQL, IDMS, Sybase, Microsoft SQL, Azure SQL and any traditional database.
HPE SecureData and HPE Atalla HSM Integration
Extends end-to-end data protection through the combined, integrated solutions of HPE SecureData Payments and HPE Atalla Hardware Security Module (HSM). By joining data-centric data protection with a tamper-reactive hardware security module, companies are able to neutralize data breaches by protecting data while storing the master secret in a hardened storage device, rendering it useless to attackers.
Use Data Masking to Protect Sensitive Data
Buyers are increasingly concerned with the risk of re-identification of masked data, especially in complex big data environments, and facing regulations such as GDPR, which require an assessment of that risk. In the February 2017 Gartner Market Guide for Data Masking, Gartner recommends security and risk management leaders should use data masking to desensitize or protect sensitive data and address the changing threat and compliance landscape.