Any government agency or business that manages or stores sensitive personal information and consumer data has to be alarmed at the headlines from the past few years. Major companies including Target, Equifax, Yahoo, Sony, and government agencies like the Department of Homeland Security, the Democratic National Committee and the US Office of Personnel Management have all suffered major breaches of their computer systems—breaches that exposed the personal information of hundreds of thousands of individuals. Social security numbers, credit card information, driver’s license records and more were lost to the tune of untold billions and incredible reputational damage.
And those are just the bigger breaches that made the news. Thousands of smaller companies, like the pizza joint down the street to local school systems, have also been victims of cyber and ransomware attacks. These incidents, large and small, have cost millions of dollars in recovery expenses and lawsuits, to say nothing of the tarnished reputations and shattered trust the breaches inevitably cause. In fact, the average cost of a data breach is predicted to soar to $150 million by 2020.
At the same time, government agencies are proposing tough new regulations and compliance rules to better control personal data handling and aid in cyberattack prevention. These updates include rules from the National Institute of Standards and Technology and the European Union’s General Data Protection Regulation (GDPR). The new regulations potentially carry heavy fines, up to $20 million, for each data breach incident.
Keeping up with the latest cybersecurity challenges and compliance rules is a challenge for even the largest and most robust IT departments. For many organizations, it usually results in a patch-work quilt of loosely coupled products, patches and third-party software that degrades system performance, needs constant updating and in the end, is largely ineffective in the face of data growth and evolving cyber threats.
There is a better solution.
Introducing the Secure Data Protection Platform (SDP2)
Attendees at this year’s RSA Conference in San Francisco will discover RackTop’s network-attached storage solution with built-in encryption and key management. Their Secure Data Protection Platform (SDP2) combines encryption key management from Fornetix, a high-performance software-defined storage platform from RackTop, and disk drives and enclosures from Seagate.
The result is a platform that provides the U.S. government, civilian agencies, military agencies, and contractors with a powerful combination of RackTop’s high-performance storage with FIPS 140-2 certified self-encrypting drives. The integrated solution with Fornetix and Seagate makes it easier to dynamically manage and re-key drives without compromising data security, a traditionally cumbersome and difficult process. And perhaps best of all the SPD2 replaces traditional NAS data storage in both physical and virtual environments with a “drop-in” storage system that can be installed and running within 30 minutes.
Racktop’s high-performance storage uses AES-256 to encrypt all data without losing speed and security, and can be used for:
Storage for virtual machines
Large data repositories
SDP2 is based on RackTop’s BrickStor unified storage operating system. FIPS-compliant encryption protects data at rest and in motion throughout the SDP2 platform. Embedded security and compliance capabilities: enable ransomware rollbacks, policy-based data protection and external/internal attack mitigation through user behavior monitoring.
What’s more, SDP2 is compliant with the Trade Agreements Act (TAA), the Buy American Act (BAA), NIST 800-88 (guidelines for media sanitization), NIST 800-171 (protecting unclassified data on nonfederal IT systems), FIPS 140-2 (federal standard for approving cryptographic modules), and the European Union’s upcoming GDPR.
Jon Bourke, CIO of Encompass Digital told TechTarget that SDP2’s combination of compliance and data protection with rapid storage capabilities opens up new market opportunities for his company.
“Having compliance built into the core RackTop platform lets us support healthcare and other industries that need to protect personally identifiable information,” he said. “If you live in fear of [exposing] consumer data, like I do, having a built-in compliance layer is really helpful.”
SDP2 addresses compliance, storage and security issues with one punch.
RackTop: The All in One Data Storage and Management Solution
RackTop’s flagship products offer an all-in-one data storage management and cybersecurity platform solution integrated with advanced encryption and compliance features – all with a user-friendly design and intuitive interface.