Dataguise unveiled DgSecure, a new product to counter the risk of data breaches to NoSQL data stores. The first implementations of DgSecure for NoSQL support Cassandra/Datastax NoSQL deployments.
Using the product’s templates, organizations can select specific sensitive elements for policy-based protection of information such as credit cards, social security numbers and medical data.
Once these elements are discovered and cataloged, DgSecure for NoSQL provides dynamic protection of the sensitive data through an intercept agent. This agent provides access to authorized users and creates masked, de-identified, or encrypted values for protecting data as it is being written out to the users and applications that access data in NoSQL data stores.
"DgSecure was originally conceived by engineering management at Oracle, who saw a market gap around sensitive data at the data element level in Oracle databases," Jeremy Stieglitz, vice president of products for Dataguise, told eWEEK. "Today, there is an entire industry focused on data-centric security and Dataguise has expanded to control databases, files in directories and Sharepoint, and now, a major focus on big data in Hadoop, Amazon S3, and NoSQL repositories."
The new platform allows administrators to detect all sensitive data, such as credit card information and social security numbers stored in NoSQL and proactively discover all new sensitive data being written to the database.
Organizations can also protect sensitive data access for all applications though the company’s Dynamic Data Protection (DDP) for NoSQL.
Sensitive data is passed in the clear for authorized users and dynamically blocked and de-identified with masking or advanced encryption for users without authorization rights to that data.
Additionally, authorized administrators can see all sensitive data requests for NoSQL in one location. This includes who is requesting sensitive data, how much, and which users were granted access.
DgSecure for NoSQL is an enterprise-grade solution, which meets requirements for regulated industries, thereby enabling data privacy and compliance operations.
Key aspects of the solution include policy management, sensitive data discovery, authorization management, automated deployment and management, granular reporting, cloud compatibility and a scalable and performant architecture.
"Clearly, the risk and reward tradeoff for keeping sensitive data needs to be re-examined. In that re-examination, I think that businesses will determine they are keeping and storing too much sensitive data, and too much in the clear, for the business value it delivers back versus breach risk," Stieglitz said. "Our recommendation is that businesses should analyze what data can be masked, encrypted, or deleted, as a starting point, for better risk management."