Imperva® and Fortanix Partner to Protect Confidential Customer Data

Imperva Data Security Fabric and Fortanix Data Security Manager combine to provide end-to-end data security.

Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, and Fortanix, Inc. (@Fortanix), the Data Security company powered by Confidential Computing, have signed a partnership agreement, and have each joined the other’s strategic partner program. 

This partnership brings together two of the most innovative and trusted cybersecurity companies focused on multicloud data protection. The joint offerings from Imperva and Fortanix will provide customers the ability to manage the entire data security workflow, ensuring data privacy and compliance.

Imperva and Fortanix Capability Wheel

You can’t protect your sensitive data unless you know where it is and what it is

Every organization has “out-of-control” data growth in both known and unknown data repositories. Along with the massive growth of data comes the risk of data breaches  and insider threats. In order to protect against these threats, many companies implemented a comprehensive data security strategy that provides end-to-end data security rather than trying to tackle each global data source separately.

The Main Steps to this Data Security Workflow are:

  1. Discover the data wherever it is located
  2. Classify the data to identify which data is sensitive and which data is not sensitive
  3. Protect the sensitive data by either encrypting or tokenizing the data
  4. Validate that the sensitive data is protected, and the organization would pass an audit

Organizations need to treat the protection of the global data workflow as a complete process from mainframes, file shares, databases, data lakes, data warehouses, and cloud platforms across the organization. By combining the different data security elements into one workflow, organizations can obtain a complete overview, thus decreasing the chances for vulnerabilities, as well as allowing them to benefit from synergies and increased efficiency.

Manage the entire data security workflow

Imperva Data Security Fabric (DSF) is a robust and scalable hybrid, multicloud platform for data discovery and classification, activity monitoring, access controls, security analytics, threat detection, and compliance reporting. Imperva DSF provides protection for unstructured, semi-, and structured data — both on-premises and in the cloud.

Imperva now offers Fortanix Data Security Manager (DSM), a highly scalable data security platform that delivers unified cryptographic and privacy services such as encryption, tokenization, dynamic data masking (DDM), secrets management, and enterprise key management. The solution works across multiple cloud service providers (CSPs) and provides an “easy button” to secure over 100 services. Fortanix DSM is simple to deploy and is offered in two editions — on-premises and a cloud-based SaaS solution — providing data security controls with both backed by a certified FIPS 140-2 Level 3 hardware appliance.

Addressing multiple use cases

Organizations continue to seek the most efficient and effective data security solutions to address multiple use cases such as sensitive data protection, insider threat detection, and data risk management. They must also meet compliance and privacy requirements while operating diverse ecosystems at scale and consolidating legacy tools, all without impacting the speed and agility of the application development team to achieve the highest level of ROI.

Sensitive or Confidential Data

Confidential or sensitive data is data that is mandated to be kept secret either due to  government regulations or data privacy laws, since its disclosure can cause damage to a person, or the company and its stakeholders, or both.

Here are some examples of confidential or sensitive information:

  • Personal identifiable information (PII) including: full names, date of birth, age, sex, Social Security numbers or national identification numbers, phone numbers, addresses, email addresses, medical history or records, insurance provider information, biometric identifiers, credit card information (i.e., account data, card numbers, PINs) or other banking / financial records, contact details of family members, and more.
  • Company information including: future operational plans, intellectual property (IP), budgetary data, salary information, employee records (see PII above), customer data (see PII above), growth plans, marketing plans, partner information, M&A plans, banking information, earnings results, earnings projections, strategies, clients or client relationships, proprietary product formulations, and more.

With the combined strength of Imperva DSF and Fortanix DSM, this data security partnership will benefit organizations that find their traditional controls are no longer sufficient as they move data workloads and applications to the cloud. These data security solutions address data security and privacy regulations such as GDPR, CCPA, PCI DSS, and HIPAA by employing methods to help protect and control data confidentiality, data integrity, and data access across the hybrid multicloud environment.

With the unprecedented explosion of data over recent decades and every day, unknown sensitive data might be anywhere — potentially exposed, and unsecured. But with this new partnership between Imperva and Fortanix, companies can now discover, classify, and secure their data using encryption and tokenization wherever it resides,” says Dan Neault, SVP and GM of Data Security at Imperva. “Using the intelligence and flexibility of Imperva DSF combined with the power of the Fortanix DSM, finding sensitive data and taking the right steps to secure it is now easier than ever.

Building a complete cybersecurity technology ecosystem dedicated to data security and compliance

The Imperva Technology Alliance Program (TAP) enables technology companies, security vendors, and cloud service providers to co-market, sell, and integrate their products and platforms with the award-winning Imperva cybersecurity portfolio to create solutions that deliver added value for customers and generate revenue growth for TAP partners.

We’re thrilled to partner with Imperva and take a best-in-class solution to the market together,” says Anand Kashyap, CEO of Fortanix. “With Imperva’s data discovery and classification capabilities and the Fortanix Data Security Manager SaaS and multicloud offering, customers have an end-to-end solution for securing workloads across the entire Data Lifecycle. This solution will help customers accelerate their data journey to the cloud while meeting the highest level of compliance.” 

Imperva DSF continues to deliver more value to customers through these alliances. Additionally, Fortanix also supports the Imperva Web Application Firewall (WAF) with the ability to store WAF encryption keys.

About Imperva Data Security Fabric (DSF)

The award-winning Imperva Data Security Fabric (DSF) discovers, classifies, and secures all high-value data across file systems, and data repositories. 

Imperva Data Security Fabric (DSF) is a data-centric solution that enables security and compliance teams to quickly and easily secure sensitive data no matter where it resides with an integrated, proactive approach to visibility and predictive analytics. 

Imperva’s Data Security Fabric solution simplifies data governance, security, and workflow management for sensitive data (structured, unstructured, and semi-structured) across multi-cloud and hybrid environments. This integrated solution helps organizations demonstrate compliance with industry regulations, and maintain a strong data security posture through automated processes, audit analysis, and customizable reports. In addition, the Data Security Fabric solution accelerates incident responses, and forensic investigations with centralized management, prioritization of context-aware security alerts, and advanced analytics.

The following capabilities are available as a part of the Imperva’s Data Security Fabric  (DSF) solution: 

  • Data Activity Monitoring (DAM)
  • Data Discovery and Classification
  • Data Access Control
  • Data Risk Analytics (DRA)
  • Mitigation & Response
  • Threat Detection & Prevention
  • Compliance Management

About Fortanix Data Security Manager (DSM)

Fortanix DSM Visual

The Fortanix Data Security Manager (DSM) is a unified data security platform that is DevOps/SecOps friendly, easy to use, and enables customers to centrally implement and manage multiple data security capabilities from a single console. The Fortanix Data Security Manager has redefined data security by utilizing the game-changing potential of Confidential Computing. With Fortanix Confidential Computing technology powered by Intel® SGX secure enclaves, data always remains secure across its lifecycle- at-rest, in-transit, and in-use. 

Fortanix Data Security Manager delivers HSM, Key Management, Encryption, Tokenization and other security capabilities for your hybrid and cloud-native applications, all from the same integrated solution. Primarily delivered as a SaaS offering, the Fortanix DSM also offers other deployment options like an on-premises HSM hardware appliance, software, and virtual deployments. The platform secures data across your IT infrastructure including all cloud platforms (AWS, Azure, GCP), databases (Oracle, SAP HANA, SQL, Server, and more) and applications like ServiceNow, Snowflake, Salesforce.com, and more.

Additional Information

  • Learn more about the Imperva Data Security Fabric (DSF)
  • Learn more about Data Encryption and other Cryptographic solutions
  • Press Release

The post Imperva® and Fortanix Partner to Protect Confidential Customer Data appeared first on Blog.