With each cloud provider having unique data protection mechanisms and key management offerings, multicloud data protection presents a complex security challenge for organizations. Thales’ latest cloud data security solutions allow customers to maintain control of and manage their encryption keys, as well as manage access and authentication across hybrid and multicloud environments.
“These capabilities are critical to cloud migration and security, especially with such accelerated growth in this area,” said Sunil Potti, Vice President and General Manager of Google Cloud Security. “True to our mission, we have forged this collaboration with Thales to further protect our customer’s most sensitive information. We are empowering customers to leverage the full potential of Google Cloud technology for sensitive workloads, by utilising the Customer-Managed Encryption Key-integrated GCP services, CipherTrust Cloud Key Manager and SafeNet Trusted Access for access management and authentication from Thales. This will enable enterprises to deal with a fluid and dynamic business environment where protecting sensitive data in the cloud is of extreme importance.”
Simplifying multicloud security
As customers look to reap the rewards from multicloud environments, Thales is making it easier to ensure protection against reputational risk and financial penalties arising from a cloud data breach. As such, customers will benefit from enhanced capabilities to Discover, Protect and Control sensitive data across multicloud environments, including the ability to:
Discover sensitive data in the cloud and on-premises
Thales Data Discovery and Classification automates the discovery, classification and protection of data in the cloud and on-premises using automation policies that identify sensitive data and protect the data with encryption or tokenisation. These capabilities have now been extended to the discovery and classification of data in Amazon Web Services S3 buckets and Azure Blob storage.
Protect sensitive data and workloads in the cloud
To address both the complexity of where data is stored and to help ensure data sovereignty in a multicloud environment, effective encryption and tokenisation is needed. Specific new data protection capabilities for cloud platforms include:
- CipherTrust Transparent Encryption for advanced encryption and access controls, protects data in Amazon Web Services Simple Storage Service (S3).
- Encryption of Kubernetes secrets and Google Anthos Service Mesh signing keys.
Control access to applications and sensitive data in the cloud
The accelerated adoption of encryption has led to the need to manage a far larger number of encryption keys across both traditional data stores and multicloud environments. Thales has enabled new capabilities that allow organizations to control access to data and ownership of their encryption keys, including:
- Thales is also offering CipherTrust Cloud Key Manager support for Google Cloud’s External Key Manager (EKM), building on the existing CipherTrust Key Broker for Google Cloud EKM which is part of the Thales Data Protection on Demand cloud-based platform.
Secure and protect access at the login point
Compromised identities pose one of the greatest risks for data breaches:
- SafeNet Trusted Access integrates out of the box with Google Workspace, Azure and AWS, enforcing the appropriate access controls and authentication for privileged and regular users.
- SafeNet Trusted Access is offering new abilities to provide authentication and authorisation for APIs and for applications not using industry-standard protocols such as SAML and OIDC.
“The proliferation of multicloud computing has created new organizational challenges in managing data across many different cloud environments. Whilst organizations have benefited from scalability and speed to market thanks to the power of cloud, the ever expanding IT cloud landscape has added greater complexity to data management and security,” said Sébastien Cano, Senior Vice President, Cloud Protection and Licensing activities at Thales. “In a post pandemic, highly regulated world, it is even more important for organizations to understand what data they have, where it sits, who can access it and the risks associated with managing it. Only once an organization understands all of these data lifecycle aspects, can they ensure that it is secured and managed correctly.”