[PPT] - History, Heresy & The Future of Data Encryption Martin Hellman PowerPoint Presentation

SLIDE 1

History, Heresy & The Future of Data Encryption

Martin Hellman

Professor Emeritus, Stanford University Co-Inventor of Public Key Cryptography

Michael Callahan

CMO and VP, CREDANT

Gretchen Hellman

VP of Marketing and Product Management, Vormetric

SLIDE 2

Agenda

The State of Encryption Today
Historical Perspective: The Inside Story on Inventing Public

Key Cryptography

Psychology, Risk and Encryption
What Works in Cryptography
CREDANT and Vormetric: Changing Perceptions in

Cryptography

SLIDE 3

Data Center

3

The Business Problem

Employee Contractor Partner

Prospect List Intellectual Property Customer Credit Card Information Social Security Numbers Classified Government Information

Airport Internet Cafe Home Office Site Transit

Patient Records ALL Sensitive Corporate Data

SLIDE 4

Compliance Regulations Expanding

4

Data Compliance Laws are Driving the Market

Many National Laws/Initiatives/Acts/Programs

HIPAA, PCI, GLBA, SOX, FISMA, BITS

44 states, DC, Puerto Rico and the Virgin Islands have laws* States with no law yet

Alabama, Kentucky, Mississippi, Missouri, New Mexico and South Dakota

SLIDE 5

Why aren’t all Enterprises Encrypting? Perception of encryption is behind advances in technology

Hard Expensive Unmanageable Easy Economical Transparent

Perception - History Reality - State of the Art

SLIDE 6

Introducing Professor Martin Hellman

Co-Inventor Public Key

Cryptography

Professor Emeritus, EE,

Stanford University

Selected Awards:

IEEE Fellow, Marconi Fellow, Electronic Frontier Foundation Pioneer Award, Member of National Academy of Engineering

SLIDE 7

Early 1970s: Looking Into the Future

SLIDE 8

Finding Other “Fools”

Merkle Diffie Hellman

SLIDE 9

Early Feedback About the Idea

SLIDE 10

Identifying the Issues

Ad-hoc communication with

unknown users over computer networks

Symmetric key distribution

could not work

SLIDE 11

Solving the Problem

Identified the need to develop a 2 key system
How could it be mathematically derived?

An important suggestion from Professor John Gill Stanford University

SLIDE 12

1976 – New Directions in Cryptography

“We stand today on the brink of a revolution in cryptography”

SLIDE 13

Building on the Foundation

PKI
Digital Signatures
SSL
Elliptic Curve

SLIDE 14

Risk, Psychology and Encryption

Resistance to addressing

risk

Cassandra, teenage

immortality, nuclear risk, soaring and cryptography

What we can do?

SLIDE 15

Cryptography Today – What Works

Integrated
Transparent
Automatic

SLIDE 16

Martin Hellman’s Work Today

NuclearRisk.org
Recent work:

Soaring, Cryptography and Nuclear Weapons

SLIDE 17

CREDANT and Vormetric Changing perceptions about Encryption

Innovative approaches

CREDANT – Endpoint Encryption Vormetric – Servers and Storage

Focused on making encryption work

Manageable, transparent, secure

“Vormetric made our key management and encryption as simple as it can be.” — Troy Larson, VP of Information Systems, Metabank “The CREDANT software is very transparent — most people don’t know it’s on the machine.” — David Fennel, IT Security Coordinator, Talisman Energy

SLIDE 18

18

CREDANT Overview

SLIDE 19

19

CREDANT Company Overview

2007 Data Security

Leadership Quadrant

2007 & 2008: #1 Fastest Growing Private (Security) Company

Testergebnis: 8.6 Very Good

Founded - September 17, 2001

To enable customers to manage security of data on any device

Product Line - CREDANT Mobile Guardian (CMG)

Data-centric, policy based, centrally managed data protection solution that "Protects What Matters"- your critical information

Financial and Strategic Investors

Leading Venture Capital Firms

Austin Ventures, Menlo Ventures, Crescendo Ventures

Cisco Systems & Intel Capital

Accomplishments

More than 775 customers worldwide Protecting >5 Million endpoints globally Solution recognized by leading industry experts

SLIDE 20

CREDANT’s Diverse Customer Base Spans Major Industries and Geographies

Aerospace & Defense State and Local Government Universities Consumer Industries Drugs & Healthcare Energy Financial Services Telecommunications, IT & Media Public Sector Retail & Leisure 20

SLIDE 21

CREDANT’s Data-Centric Encryption

More secure than other options

Disadvantage:

Encryption only on system

level - no awareness of user

r type of data
Only available for Desktops

and Laptops

System administration

significantly impacted

No separation of system

and security administration

No protection against copy
nto external media

Full Disk Encryption

Complete encryption of hard disk, including boot and system files

File & Folder Encryption

Files and Folders specifically selected by the user are encrypted

Disadvantage:

Security dependent on user

behavior

Temporary application files

can leak information

No central administration or

key recovery

Impossible to enforce or

prove compliance

The CREDANT approach combines the best of “Full Disk Encryption“ and “File & Folder Encryption“ and overcomes their significant problems CREDANT’S Data-Centric Encryption

Data automatically encrypted based on

policies

Encryption awareness of users, groups,

systems and data types

System remains accessible for system

administration

Central Administration for all devices

and storage media with automated key escrow for guaranteed recovery

Automatic detection and enforced

protection of external media

SLIDE 22

22

CREDANT Simplifies the Solution

Full Compliance Reporting Transparent to End-users No Operational Impact All Solutions Managed within One Web-based Console

SLIDE 23

Vormetric Overview The Best in Enterprise Encryption

Mature and Proven

Founded in 2001, production deployments since 2003 Over 500 enterprises use Vormetric solutions

Innovative Architecture

Transparent to applications, databases, storage and users High performance, extendible, and rapidly deployable

Strong and Growing

Unparalleled partnerships Diverse expanding customer base standardizing on Vormetric

SLIDE 24

THE solution for DB2 and Informix
THE solution for NetBackup

Strong Validation

THE solution for securing the execution

environment for Oracle DataVault

SLIDE 25

Secure, centralized

policy and key management

High performance
Heterogeneous
Rapidly deployable
Extensible

Any File, Any Database, Any Application, Anywhere!

Vormetric Data Security

SLIDE 26

Vormetric Simplifies Data Security

Oracle DB2 Informix Sybase SQL Server MySQL ERP CRM CMS Care Management CAD POS VoIP Dev Apps Homegrown Applications File Shares Flat Files

Point Encryption

HR Apps

SLIDE 27

The Vormetric Approach

Users Apps

File System

Databases

Volume Manager

Encryption
Access Control
Audit
Centralized

management

SLIDE 28

DB2 Oracle

Vormetric’s Extensible Solution

DAS ERP SAN NAS SQL Sybase IIS Apache WebLogic File Servers FTP Servers Email Servers CRM Payments Other CMS Custom

Log Files
Password files
Configuration files
Archive
Data files
Transaction logs
Exports
Backup
File shares
Archive
Content repositories
Multi-media

MySQL VM

“ ”

Future scalability to apply this solution where additional needs may arise was a significant consideration

Thomas Doughty, CISO, Prudential

SLIDE 29

Summary

Making encryption easy and effective from the

endpoint to the core

No impact to existing operations
Keeping you compliant, out of the headlines and

protected

SLIDE 30

Thank You!

CREDANT

info@credant.com
www.credant.com
866-CREDANT (273-3268)

Vormetric

info@vormetric.com
www.vormetric.com
888-267-3732

Q&A

For More Information Contact: