SafeNet is a global leader in information security, protecting data at rest, data in motion, data in use, software and license management with the broadest range of security solutions in the world. The Company protects critical business data, communications, financial transactions, and digital identities through a full spectrum of encryption technologies. In 2007, SafeNet was acquired by Vector Capital, a private equity firm specializing in the technology sector. Vector Capital acquired Aladdin in March of 2009.
SafeNet is the third largest information security company in the world, which brings to market integrated solutions required to solve customers’ increasing security challenges. The organization serves more than 25,000 corporate and government customers in 100 countries. Customers include Apple, Bank of America, Dartmouth College, Ericsson, Fujitsu, Kaiser Permanente, Raytheon, Siemens, Starbucks, U.S. Internal Revenue Service, S.W.I.F.T., Social Security Administration, Departments of Defense and Homeland Security, utilize SafeNet’s security solutions.
Data Encryption and Control
SafeNet data encryption and control solutions focus on sensitive data, providing persistent protection throughout its lifecycle, wherever it resides. Information is protected at every moment—when it is created by an employee on a company laptop, shared with a business partner by e-mail, stored in an enterprise database, processed by an application, and accessed by a field employee on a mobile device.
Data encryption and control solutions cover data center protection for databases, applications, and mainframes as well as endpoint protection for files and full disk encryption.
DataSecure Appliances
SafeNet DataSecure appliances are at the heart of all SafeNet data encryption and control solutions— offering comprehensive security to organizations of all sizes. Additionally, Token Manager offers tokenization capabilities and EdgeSecure offers protection for remote sites.
Using hardware-based encryption, DataSecure appliances cover the broadest variety of data types. They provide a unified platform with data encryption and granular access control capabilities that can be applied to databases, applications, mainframe environments, and individual files. By providing centralized management of keys, policies, and essential functions, DataSecure simplifies administration, helps ensure compliance, and maximizes security.
Key Management
With DataSecure, all cryptographic keys are kept in the centralized, hardened appliance to simplify administration while helping ensure tight security for the broadest array of data types. Key versioning streamlines the time-consuming task of key rotation
Policy Management
Administrators can set authentication and authorization policies that dictate which application, database, or file servers can be accessed by particular users in the clear. When combined with strong authentication, this policy-driven security provides a vital layer of protection. DataSecure also offers granular access controls to help you comply with the separation of duties required in many security mandates. An administrator can create a policy that prevents certain users from accessing sensitive data without interfering with their day-to-day system administration duties.
Logging, Auditing, and Reporting
When encrypting data within an enterprise, data, keys, and logs are often accessed, encrypted, managed, and generated on multiple devices, in multiple locations. To reduce the cost and complexity of security management, DataSecure provides a single, centralized interface for logging, auditing, and reporting access to data and keys. A centralized mechanism increases security and helps you ensure compliance with industry mandates and government regulations.
ProtectDB
Protects Sensitive, Structured Data across Databases
SafeNet ProtectDB software delivers powerful protection for the sensitive corporate and customer information stored in databases. With ProtectDB, organizations have the flexibility to encrypt data at multiple levels and during multiple processes. Centralized key management provided with the integrated SafeNet DataSecure solution helps tighten security and simplifies the encryption of data in virtually any number of databases across heterogeneous environments often found in data centers. Working together, ProtectDB with DataSecure help organizations attain the highest level of security available in a commercial database encryption solution.
Secure collaboration
ProtectDB helps to facilitate secure collaboration with comprehensive protection of the structured data. With ProtectDB, organizations gain the flexibility to encrypt data at the file, or column, level in databases, within the application layer, and during batch-driven data transformation and transaction processes.
Persistent protection
By combining ProtectDB with DataSecure, organizations can ensure that encrypted data remains secure throughout its life cycle while enabling authorized users and processes to decrypt the record when needed. Lifecycle protection increases overall security and facilitates collaboration by eliminating points of vulnerability outside the database.
Separation of duties
Most regulatory mandates require the separation of security administration from database administration to avoid the risks of “super-user” access. ProtectDB allows for “M of N” policies, which prevent any single administrator from making critical configuration changes without additional approvals of other administrators.
ProtectZ – Mainframe Protection
Across a range of industries, mainframe environments have long been the choice for running mission-critical enterprise software. You need ways to protect the healthcare information, financial transactions, social security numbers, and e-mail addresses that resides in mainframe environments so you can retain the trust of your customers, protect your constituents’ identities, and optimize your use of valuable customer information, all while achieving regulatory compliance.
SafeNet ProtectZ software works with the SafeNet DataSecure appliance to deliver robust protection for applications and data in IBM z/OS mainframe environments. With ProtectZ, you gain simple ways to protect some of your most valuable information.
Flexible uses
SafeNet ProtectZ software can be called from any programming language that follows IBM OS standards. The calling application can encrypt or decrypt any information and return it to the appropriate storage device. In addition to protecting production applications, you can use ProtectZ to facilitate testing of new applications, new software releases, or simply to improve data throughput.
Efficient encryption
To move large amounts of sensitive data in and out of data stores rapidly, administrators can capitalize on the DataSecure’s ability to do the encryption and decryption of specific fields in bulk within the flat files that can contain millions of records. By focusing on select fields, you can encrypt and decrypt data efficiently, in a fraction of the time that it might take for the entire file. DataSecure also can be used to encrypt the entire binary files when you do not need field-level granularity.
Information secured
You chose your mainframe environment to deliver high levels of performance and reliability for your most important applications and data. By adopting SafeNet ProtectZ, you gain a robust security solution that matches the power of your mainframe environment.
EdgeSecure Appliances
SafeNet EdgeSecure appliances provide an efficient and cost-effective solution for protecting data across hundreds or thousands of retail stores, remote facilities, or branch offices. With flexible integration, streamlined management, and enterprise-grade reliability, EdgeSecure solutions enable you to bring robust security to the far reaches of the enterprise.
Robust security
EdgeSecure addresses a broad range of data security threats by employing multiple types of encryption and providing secure policy and key management, all from a single appliance. EdgeSecure also enables segregation of duties to avoid potential problems arising from “privileged-user” status. By using EdgeSecure in remote locations, you can raise your level of protection throughout your business.
Streamlined management
Extending robust security to remote locations shouldn’t add IT complexity or require you to hire extra personnel. EdgeSecure helps simplify security management by enabling automated and transparent integration of security with applications. Centralized key and policy management streamline ongoing maintenance, tighten security, and help ensure regulatory compliance.
Performance and reliability
EdgeSecure appliances offload processing-intensive cryptographic functions from servers, enabling applications to perform at optimal levels even in the most demanding environments. Load balancing, failover, and disaster recovery capabilities help ensure high availability of security functions.
Flexible, multi-tier integration
With EdgeSecure, you can incorporate encryption and access control easily at the Web, application, and database level. With support for several leading, standards-based cryptographic algorithms, EdgeSecure lets you use a single appliance to support multi-vendor environments.
Token Manager
Across a range of industries, protecting confidential data such as bank account numbers, member IDs, and social security numbers is of vital importance. Encryption solutions based on the SafeNet DataSecure appliance can play a central role in protecting that data throughout its lifecycle, as it is created, accessed, stored, and shared. To add extra protection for confidential data while reducing the time and cost for achieving regulatory compliance, many organizations will benefit from integrating tokenization into their SafeNet solution.
SafeNet Tokenization helps supplement SafeNet encryption solutions by facilitating smooth application performance and transparent end-user operation while keeping encrypted information secure in one central location. For countries with data privacy laws that require sensitive data remain in-country, tokenization offers the flexibility to offshore storage without compromising on compliance. SafeNet Tokenization offers a range of integration options so you can protect multiple types of data without affecting critical IT components. SafeNet Tokenization also helps simplify audit compliance by reducing the number of auditable systems.
Format-preserving tokenization
Employed for online credit card transactions or transmission of other sensitive data, tokenization works by replacing sensitive data with tokens that retain essential information. With tokenization, you can enable databases, applications, and users to interact with sensitive data without exposing the clear text. Tokenization technology converts the senstitive data to an encrypted token in the same format as the original data, allowing the application to operate seamlessly. Masking features can also be maintained if a subset of the data needs to be available for authentication.
Audit-scope reduction
When facing an audit for PCI compliance, many organizations must identify and certify regulatory compliance for each server where sensitive data resides. Because SafeNet Tokenization replaces sensitive data in databases and applications with tokens, there are fewer servers to audit. Reducing the scope of audits will help save you time and money.
Flexible data protection
SafeNet Tokenization can protect a broad range of information, from credit card numbers, national IDs, and medical records to vehicle driver information, voter registration, and electronic transactions. A variety of integration options give you the flexibility to choose the right security technique for your environment while enabling you to protect more data types without affecting business logic, database architecture, storage systems, or other critical enterprise components. Production data can be moved or replicated to test environments with no additional process to de-identify or mask data while keeping data protected and not incurring any additional processing costs.
Hardware Security Modules (HSMs)
SafeNet Hardware Security Modules (HSMs) provide reliable protection for applications, transactions and information assets by securing cryptographic keys. SafeNet HSMs are the fastest, most secure, and easiest to integrate application security solution for enterprise and government organizations to achieve regulatory compliance, reduce the risk of legal liability, and improve profitability.
General Purpose HSMs, Embedded
SafeNet embedded HSMs are designed for tight integration between an application server and the HSM. Sensitive data is protected cost-effectively, and business processes are uninterrupted, making SafeNet embedded HSMs the highest performance solution in the market for the protection of cryptographic keys.
General Purpose HSMs, Network Attached
When the hardware security module (HSM) needs to be shared between a number of application servers, SafeNet network-attached HSMs safeguard the cryptographic keys used to secure transactions, applications, and sensitive data.
Payment HSMs
For over 25 years, SafeNet’s products have protected and secured transactions around the world. SafeNet HSMs provide powerful end-to-end security for online banking transactions and applications for credit, debit, and chip cards.
Validations and Certifications
SafeNet Hardware Security Modules (HSMs) provide reliable protection against compromise for applications and information assets to ensure regulatory compliance, reduce the risk of legal liability, and improve profitability. SafeNet’s robust FIPS and Common Criteria validated HSM solutions are tamper resistant and offer the highest level of security.
If you have a question or a comment, or would like more information or a demonstration, please let us know by completing the Contact Us box on the upper right side of this page.