Using Data Encryption to Maximize Virtualization and Cloud ROI: Interview with Rami Shalom of SafeNet

Rami Shalom (Profile)
Tuesday, November 27th 2012

VSM: Can you tell us a little about SafeNet and why your company is an expert in data protection?

RS: SafeNet is one of the largest data protection companies exclusively focused on the security of high-value information assets. We have more than 25 years of innovation to solve the most complicated security, compliance, and governance problems. More than 25,000 customers in 100 countries trust SafeNet to protect their most valuable information. We secure the most financial transactions, eighty percent of all electronic banking transfers, about one trillion dollars daily. We protect the most digital identities and the most high-value software. SafeNet employs 550 security engineers that develop cutting-edge technologies and patents.

VSM: What security trends can you share with us from speaking to your large customer base?

RS: Our customers span all industries, all around the world. The three segments that are asking us to help them get the most from their virtualization investments are mid-market to large enterprise, service providers, and governments. Each has slightly different requirements, but they all agree on solving the same problems, how to control data in an environment designed for maximum agility! Enterprise customers have moved to virtualization solutions aggressively, which is creating a big market for incumbent SPs and new entrants, and now we are seeing government agencies from around the world more aggressively pursuing cloud and dense virtualization solutions. This agile virtualized environment has proven to offer great ROI and new business models. However, customers are either hitting a wall or violating best practices as they virtualize more of their environment.

When non-production data and applications, like test and development, were moved to private or public clouds, there were fewer concerns about security, governance, and compliance. But now IT departments are telling us of one of two experiences. They are halted by their SecOps group from moving more applications into their virtual environment of choice because they can’t prove they have control of the data once it is virtualized, a violation of compliance and governance rules. Or the organizations are moving sensitive data into virtualized environments without their SecOps groups knowing about it, creating very dangerous situations for their organization. This is reminiscent of the days when people set up rogue access points under their desks so they (and war-driver hackers) could have wireless access to their organization.

For the SPs, the concerns listed above are reasons that customers give for not adopting virtualized services. The lack of data control with virtualized services slows down the migration of new customers and reduces the volume of usage from existing customers. Many of our SP customers see overcoming the lack of control in a cloud environment as an opportunity to differentiate their service or to create new service opportunities.

Globally, governments have been a little slower in virtualizing their infrastructure. However, the ROI is too strong for them to ignore the value proposition any longer; yet they can’t ignore the security implications. We are working with government System Integrators (SIs) and government agencies to create solutions and architectures for them to maintain the same level of control in their virtual environments as in their current physical environments.