Data protection

X Infotech offer security solutions, that keep sensitive information secure, however and wherever it is created, shared, stored, and accessed. These solutions meet all new PCI requirements and standarts for financial institutions.

The focus of PCI compliance is the protection of sensitive cardholder account data that is collected and stored during credit card transactions. The standard consists of a core set of principles with 12 specific requirements for the protection of sensitive cardholder data in use, at rest, and in transit.

Compliance with PCI DSS (the Payment Card Industry Data Security Standard) requires the protection of sensitive payment account data (such as primary account number (PAN), magnetic stripe data, CVV, and PIN) by any company that processes, stores, and transmits such data. The standard was developed by members of the PCI Security Standards Council, which includes VISA, MasterCard, and American Express, in response to increased credit card fraud. The new PCI Data Security Standard 2.0. version goes into effect on January 1, 2011, but impacted entities have until December 31, 2011, to become fully compliant.

One of the key challenges merchants, banks, and payment processors face is the implementation of data encryption to comply with the PCI security requirements—and to do so in an efficient and cost-effective manner.
SafeNet dramatically reduces the cost and complexity of PCI compliance with the most complete and easy to manage data protection solution. With SafeNet, merchants, banks, and payment processors can protect sensitive data at rest, in use and in transit to meet the most challenging PCI security requirements.

SafeNet products meet many of requirements PCI DSS, allowing to improve the state of information security in the enterprise and achieve compliance with the Standard.

Data encryption and control solution from SafeNet protect information throughout its lifecycle, wherever it resides—from the data center to a wide array of computing endpoints and into cloud computing environments. SafeNet DataSecure appliances are the heart of all SafeNet data encryption and control solutions. Using hardware-based encryption, DataSecure appliances cover the broadest variety of data types. They provide a unified platform with data encryption and granular access control capabilities, that offers key management and granular access control policies for databases, applications, mainframe environments, and individual files, simplifying administration, helping ensure compliance and maximizing security.

Key Management
With DataSecure, all cryptographic keys are kept in the centralized, hardened appliance to simplify administration while helping ensure tight security for the broadest array of data types. Key versioning streamlines the time-consuming task of key rotation

Policy Management
 An administrator can create a policy that prevents certain users from accessing sensitive data without interfering with their day-to-day system administration duties.

Logging, Auditing, and Reporting
To reduce the cost and complexity of security management, DataSecure provides a single, centralized interface for logging, auditing, and reporting access to data and keys. A centralized mechanism increases security and helps you ensure compliance with industry mandates and government regulations.

 
Flexible deployment options enable you to select the appliance that meets your processing and security-level needs. Once you choose the appliance, you can select from a full range of SafeNet security products to build a comprehensive solution for data center and endpoint protection. Incorporate any of the following products into a solution based on DataSecure:

ProtectDB—Safeguard the sensitive corporate and customer information
stored in databases.

ProtectApp—Lock down the credit card information, e-mail addresses,
health records, or national IDs stored at the application layer.

Tokenization—Shield information without affecting application performance.

EdgeSecure—Bring security to the edge of the enterprise with strong key protection and
centrally managed access policies for retail stores, remote locations, and branch offices.

ProtectFile—Secure the folders and files on servers, desktops, laptops, and removable media.

Features:

• Achieve comprehensive data protection with granular encryption capabilities that can be integrated at the database, application, drive, folder, or file level.
• Simplify security administration, ensure regulatory compliance, and maximize overall security with centralized management of cryptographic keys and policies as well as logging, auditing, and reporting functions.
•  Establishes a separation of duties to prevent any one administrator from making critical configuration changes without additional approvals of other administrators.
•  Select an appliance to address entry-level needs or accommodate the highest level of cryptographic processing.

Benefits:

• All your important information is persistently protected.
• Maintain ownership of data throughout its lifecycle, wherever it resides.
• Encrypt information transparently, without disrupting business operations, computing performance, or the end-user experience.

Specifications

• Processes more than 100,000 encryptions per second
• Scalable to hundreds of thousands of encryptions per second via clustering of multiple DataSecure platforms
• Less than 100 microseconds latency
• Security Algorithms- AES, 3DES, DES, RSA (signatures and encryption), RC4, HMAC SHA-I – SHA512, SEED
• Asymmetric Key Sizes- 512, 1024, 2048
• Symmetric Key Sizes-40, 56, 128, 168, 192, 256
• Certificate Management - Multiple certificates, built-in certificate authority, manage certificate requests, certificate revocation list (CRL) support
• API Support - NET, MSCAPI, JCE, ICAPI, PKCS#11
• Network Management - SNMP (v1, v2, and v3), NTP, URL health check, signed secure logs, syslog, automatic log rotation, secure encrypted and integrity checked backups and upgrades, extensive statistics
• System Administration - Secure Web-based GUI, secure shell (SSH), console
• Web and Application Servers Supported - Oracle, IBM, BEA, IIS, Apache, Sun ONE, JBoss, and more
• Databases Supported - Oracle, Microsoft SQL Server, IBM DB2, Teradata
• Mainframes Supported - IBM z/OS
• File Servers Supported - Microsoft, Red Hat Linux, Cent0S Linux