Zettaset: Advanced Big Data Encryption, Plus Protection Against Data Tampering
Govciooutlook

Zettaset: Advanced Big Data Encryption, Plus Protection Against Data Tampering

Jim Vogt, President & CEO, ZettasetJim Vogt, President & CEO
In recent years a staggering number of federal government agencies, including the Office of Personnel Management (OPM) and the Internal Revenue Service (IRS) have faced security breaches in their big data systems. Against the backdrop of the rising wave of cyber-attacks, government agencies have been reluctant to embrace open source big data platforms like Hadoop. “The security vulnerabilities of Hadoop and the weaknesses of open source transparent data encryption (TDE) makes it unsuitable for adoption in government and enterprise applications that involve personally identifiable data, have regulatory compliance requirements, or both,” begins Jim Vogt, President and CEO, Zettaset. Because Hadoop is built on a distributed computing architecture, traditional security approaches may also fall short as a result of their older design limitations. What enterprises and government agencies dealing with big data need today are vendors with specialized domain expertise in data protection that know how to develop a highly-scalable encryption solution for massive data stores. Zettaset, an ISV and a leader in big data security, offers robust encryption solutions that are uniquely designed and optimized to safeguard today’s complex distributed-computing environments.“We do it with an exceptional team of security experts and leverage our in-depth knowledge to deliver data protection products that are compatible with NoSQL and relational database environments as well as Hadoop.”

Vogt says, “The focus of cyber criminals is shifting from data theft to data manipulation.”Encryption alone might not be sufficient to prevent data tampering associated with high-profile data breaches and malicious hacks. In order to protect against data tampering and to maintain data integrity, Zettaset utilizes Authenticated Encryption using Associated Data (AEAD) methodology to protect the encrypted data against unauthorized modification.

The company renders security through two big data encryption products—BDEncrypt and BDEncrypt Plus. While BDEncrypt acts as a partition-level solution to enable bulk encryption of stored data, BDEncrypt Plus offers granular encryption at the file level to ensure additional layers of data protection.


BDEncrypt Plus is the only encryption solution that cryptographically protects Access Control Lists (ACLs) to safeguard data from unauthorized tampering, from within or outside the organization


“BDEncrypt Plus is the only encryption solution that cryptographically protects Access Control Lists (ACLs) to safeguard data from unauthorized tampering, from within or outside the organization,” he adds. Besides fortifying ACLs against malicious attacks, BDEncrypt Plus makes use of the Galois/Counter Mode (GCM) for encryption to deliver enhanced performance and efficiency for customers deploying the solution.

Zettaset has established strategic partnerships with leading encryption key management and hardware security module (HSM) vendors, including HPE Security, Gemalto (SafeNet), Thales e-Security, and Utimaco. Zettaset’s encryption solutions are based on industry standards for interoperability, greatly simplifying integration with existing IT security infrastructure and policy frameworks. Zettaset’s BDEncrypt and BDEncrypt Plus solutions adhere to the Key Management Interoperability Protocol (KMIP) as well as PKCS #11, one of the Public-Key Cryptography Standards guided by the Organization for the Advancement of Structured Information Standards (OASIS). These standards ensure that Zettaset encryption solutions are fully-compatible with an organization’s existing key management and HSM infrastructures.

Zettaset to date has filed 10 patents, out of which five have been granted, each one associated with security, encryption processes, and performance in distributed computing environments. “Our company expertise on cryptographic procedures, encryption methodology, and data integrity protection enables us to maintain an increasing advantage over our competitors,” says Vogt.

In addition to helping enterprises that need to secure massive amounts of personally-identifiable information, the company is focusing on federal government agencies that are vital to the nation’s security, and who are vulnerable to malicious attacks and data manipulation. “We are moving aggressively in this new direction,” reaffirms Vogt.