Sensitive data stored in HPE deployments must be encrypted edge-to-cloud. For encryption to successfully secure sensitive data, the cryptographic keys used to encrypt/decrypt data must be secured, managed and controlled by the data owner. Thales TCT’s CipherTrust Data Security Platform unifies data encryption and unprecedented granular access controls with centralized key management—all on a single platform. This results in fewer r...

High speed networks are the critical foundation that supports many of an agency’s most vital communications and operations. However, this foundation is at risk of surveillance and attack by increasingly sophisticated cyber criminals and well-funded nation states. These network connections, if unprotected, are proving to be highly vulnerable, leaving sensitive assets exposed. So, what is the best way to protect network traffic? Encrypt ev...

Although federal agencies are deploying cloud solutions at a rapid pace, they are often hesitant to move their core cryptographic infrastructure to the cloud—namely their roots of trust. Hardware security modules (HSMs) are used as a root of trust and generate, store, protect, and manage cryptographic keys used to secure sensitive data and critical applications. HSMs are traditionally deployed on-premises but they can be safely deployed...

With recent vulnerabilities such as EUCLEAK and Executive Order 14028 deadlines, phishing-resistant Multi-Factor Authentication (MFA) is top-of-mind in Federal IT. Although FIDO is the golden solution for phishing-resistant MFA, federal agencies with outdated infrastructures instead rely on PKI to defend against phishing and other cyber-attacks. Furthermore, FIDO may not be able to support specific operations that PKI does, such as digital sig...

Databases are key targets for hackers looking to steal data. However, there is insufficient emphasis by the MITRE ATT&CK Framework on the Collection tactic regarding access of data from a database. Hackers collect data through eavesdropping/man in the middle attacks of data in transit, by capturing data at the point of collection (such as point of sale devices), exfiltrating files containing sensitive data, etc. But the motherlode is the d...