Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Getting More Value Out of Your Data
1. Getting More Value out of your
Data
Tammy Schuring
Chief Customer Officer
Voltage Security, Inc.
For Internal Use Only.5/16/2013 1
2. Data in 2013 and Beyond
*** Confidential and
Proprietary ***
2
• Up through 2012, compliance and breach risk have driven
data security
– Defending reputation, mitigating breach risks.
• Now, enterprise must maximize the return on data
• Maximize return on data by
– Liberating data across any channel without risk
– Enabling cloud, big data, mobility to be fully embraced
– Simplified regulatory compliance at the lowest cost of ownership
3. The shift to data security is here
• Threats moving from the network to the host to the data
– The next trend is to move from host to data
– Consumerization of IT is the catalyst for this change
– Focus is to identify “bubbles” of data and protect those assets –
as opposed to building protection at device layer
5/16/2013
(C) 2013 Voltage Security, Inc. All Rights Reserved
CONFIDENTIAL
3
Current and future security
initiatives will focus more on
protecting enterprise data
than the underlying device or
network infrastructure
Prediction in 2005
Dan Hitchcock
Security Architect, Microsoft Information Security
4. Taming the data explosion
• The explosion in data fuels growth and agility
– But time to data value is gated by risk and compliance
– Attacks to data are here to stay, and big data means a big target
– The balance of data access and data security is critical
5/16/2013
(C) 2013 Voltage Security, Inc. All Rights Reserved
CONFIDENTIAL
4
“90% of the data in the world
today has been created in the
last two years alone” - IBM
Cisco, IBM.
Parabolic growth in data created and consumed
0
10
20
30
40
50
60
70
80
2000 2005 2010 2015
Exabytespermonth
5. Customer Trends – Big Data
• Big Data – from the lab to production use cases
– Customer data analytics & modeling
– Fraud detection in payments
– Medical data analysis
5
6. Customer Trends – Cloud
• Cloud – from plans and trials to secure foundations
– Private clouds with data-centric Security as a Service
– Hybrid clouds with integrated enterprise data
– FPE technology enabling “Data as a Service” strategies
6
7. Customer Trends – Mobile
• Adoption of email encryption on Mobile to:
– Streamline customer processes via least cost email channels
– Integrate the consumer into the business via smartphones
– Cover the gaps left by BYOD security with data-centric security
7
90% of smartphone owners access the
same email account on mobile and
desktop. ExactTarget– “The 2012 channel
preference survey” (2012)
More email is read Mobile than on a
desktop email client or via webmail. Stats
say 42% of email is now opened on a
mobile device Litmus –”Email Analytics”
(Jan 2013)
10. 4th Largest Retailer – Web Application protection of
PCI Data
• PCI scope reduction for ecommerce
environment
– Projected $1MM/year savings
• E2EE for every card purchase &
tokenization for all stored cards
– Nearly 100MM transactions annually
• Selected Voltage SecureData Web &
Secure Stateless Tokenization
• Integrated into security private cloud
– Global Security as a Service
10
11. Top 5 US Retailer – PCI Compliance
• PCI compliance and cost reduction
– Loyalty data linked to cardholder data
• HP NonStop Guardian, IBM z/OS
– Mission-critical environments
• Voltage SecureData Enterprise
– Native encryption on legacy platforms
– Format Preserving Encryption – no
change to z/OS applications
– Maximum loyalty data use without risk
12. National Logistics Organization – POS E2EE
• PCI scope reduction project
– Opportunity for huge annual cost savings
• 75k POS terminals across 35k locations
– Mix of Ingenico & VeriFone devices
• Evaluated P2PE solutions from VeriFone,
RSA, and others
• Selected Voltage & Ingenico as
organizational standard
– Replacing all existing VeriFone devices
12
13. Top Health Insurance Company – Trusted Secure
Email Communication
• HITECH Compliance cost reduction
• Secure communications to
– >30m network members – healthcare, dental,
pharmacy
– >13m million group insurance members
– >840,000 health-care professionals
– >490,000 primary-care doctors and specialists
– ~5000 hospitals
• Standardized on Voltage SecureMail
Enterprise & Mobile
– Application & user driven encrypted email
– Customers on desktop and smartphones
• Replaced CISCO IronPort Encryption
with usability, cost, support and scale
issues
13
14. Top 10 Bank – Mobile Data Security
• Secure, differentiated customer
service via mobile channels
• Extends BYOD with end-to-end
security – emails and attachments
• Voltage SecureMail Mobile
– Enterprise standard for mobile email &
attachment encryption
– Inside the Bank, outside to partners and
customers – including consumers
– Adds to Voltage SecureMail Enterprise
with >2m users
14
15. Top US Telco – Mobile Data Security
• Transparent email encryption on
smartphones – internal and external
• End-to-end security to and from
– Android, iPhone, Blackberry
– Desktops and applications.
• Ease of use for executives critical
• Voltage SecureMail Mobile
– Mobile specific data policy control
– Internal, partner, law enforcement,
government secure collaboration
– Adds to Voltage SecureMail Enterprise –
the enterprise standard at the Telco
16. Global Credit Card Issuer
• Extending Office365 Email
Encryption to smartphones
– Blackberry critical, also iOS, Android
– Tablets and smartphones
– Support for corporate Blackberry and
BYPD
• Ease of use for executives critical
– Integration into complex AD framework
– Integrate to complex enterprise cloud
• Voltage SecureMail Mobile
– Executive communications
– External smartphone user collaboration
– Ability to compose key requirement for
17. International Health – Cloud Email Encryption
• #1 National Healthcare Service in EU*
• Standardized on IBE technology for
privacy compliant communications
– Links hospitals and healthcare services
• Seamless, federated EHR exchange – labs,
hospitals, doctors, patients, partners
• Ease of use for patients & doctors
• Simplicity for IT operations
• Mobile support for mobile health workers
• Voltage SecureMail &Voltage
SecureMail Cloud Services
Cloud delivery –SaaS service
Simple, easy to consume privacy compliance
* http://www.bmj.com/content/344/bmj.e3430
18. Summary
• It is possible to get more value from your data
• A data-centric approach to protecting sensitive
information will remove many obstacles to this goal
• Innovations in cryptography and tokenization make this
level of protection possible today
5/16/2013
(C) 2013 Voltage Security, Inc. All Rights Reserved
CONFIDENTIAL
18