Information technology firm Hewlett Packard Enterprise (HPE) has announced the release of HPE SecureData along with Hyper Format-Preserving Encryption (FPE) and Hyper Secure Stateless Tokenization (SST), a National Institute of Standards and Technology (NIST) certified set of tools designed to increase the protection of data for organizations and government agencies that must comply with General Data Protection Regulation (GDPR) requirements.
With the growth of the cloud and the Internet of Things, opportunities for cyber criminals to strike are increasing. Consequently, it is imperative that organizations take a data-centric approach to the protection of sensitive data. In the event of a breach, end-to-end encryption can be vital, rendering stolen information useless.
In an exclusive with Homeland Security Today, Albert Biketi, vice president and general manager, HPE Security – Data Security, HPE, said, “HPE SecureData protects sensitive Personally Identifiable Information (PII) such as Social Security number, Tax ID, date of birth, email and physical addresses, location data andsensor data, with FPE.”
According to Biketi, the encryption technology recently released by HPE is different than many methods used previously within the industry. He explained that HPE’s solutions remove the complexities of traditional approaches.
“Unlike traditional encryption technologies which protect at rest, at the database or storage ‘container’ level, HPE SecureData protects information at the data element level, over the entire data lifecycle—from the point at which it’s captured, throughout its movement across the organization. It works with virtually all platforms and operating systems, from mainframe to Hadoop and open systems,” said Biketi.
Industry and government have expressed interest in HPE’s new solutions. Government entities are using the technology to protect PII, as well as Protected Health Information, against data breaches and from insider attacks, both human and cyber.
“HPE SecureData provides federal agencies with the ability to quickly retrofit data security into existing legacy applications, including the mainframe,” said Biketi.
HPE’s advancements in security protection address some of the most sensitive areas of data housing and compliance. Due to the vast array of sophisticated attacks possible in today’s threat environment, government entities are exploring have ways to protect data from multiple angles.
“The US Government is experiencing cybersecurity attacks on all sides – from cybercrime to espionage,” said Biketi. “The reasons are completely evident: they house massive amounts of citizen, military and diplomatic data. They must protect this data from attackers ranging from nation states, criminals and even their own employees.”
“At the same time, they need to make the data available to employees, citizens, contractors, states and other countries when appropriate,” Biketi added.
The Cybersecurity Act of 2015 contained guidelines emphasizing the importance of having sensitive data encrypted by the end of 2016. HPE has designed their SecureData tool to address various challenges surrounding encryption, for both historical as well as current systems, clouds, and mobile tools.
“The challenge of protecting data in government organizations is different from the challenge of protecting financial information or point-of-sale systems, because the government in some cases is using IT infrastructure and applications dating back to the 1960s,” Biketi said.