Protecting Server Data and Controlling Enterprise Insiders

Enterprises deploying servers on premises and in co-location facilities face the prospect of malicious insiders wishing to pilfer server information. Anyone with physical access to servers has the opportunity to tamper with and compromise sensitive data. Motivations run the gamut from greed to ideology to fame, but the common objective is to exfiltrate sensitive server information from the enterprise.

PrivateCore vCage

Servers can process and manipulate sensitive information including:  

      • Personally identifiable information (PII): Loss of PII can trigger state data breach laws or national data protection laws
      • Non-public Information (NPI): The loss of NPI such as financial information can trigger regulatory action
      • Proprietary Information: Intellectual property provides competitive advantage, and the loss of such property can lead to lost competitive advantage and revenues
      • Electronic Protected Health Information (ePHI): Both employee and client ePHI are subject to regulatory oversight
      • Encryption keys: Theft of data-at-rest encryption keys while they are held in memory can enable hackers to decipher and access encrypted data stored on disks

Data Loss Prevention (DLP) solutions can help stop a breach at the endpoint or gateway, while data-at-rest encryption can help prevent data exfiltration. However, a security gap remains, as server hardware can be compromised by anyone with physical access. While server data-at-rest might be secured with encryption, information including sensitive data, digital certificates, and encryption keys is unprotected and “in the clear” when in use.

The Insider Security Challenge: Controlling Privileged Insiders

Enterprise datacenters and colocation facilities provide the server heartbeat of today’s enterprises, but face the risk of malicious insiders wishing to extract sensitive information. Physical access to a server enables perpetrators to compromise data-in-use. People with physical access to servers in on-premise datacenters and off-premise colocation facilities can include contractors, colocation staff, service technicians, and janitorial personnel, as well as enterprise IT staff.

While the bulk of personnel have good intentions, one event compromising sensitive data can be catastrophic. Although countermeasures such as biometric systems and locked cages might protect against some threats, they do not provide robust security to counter the possibility of malicious insiders pilfering information. In addition, such systems do not provide visibility into lawful requests for enterprise information when data is stored outside of the enterprise walls in colocation facilities.

The PrivateCore vCage Solution

PrivateCore vCage protects sensitive server information located in datacenters and co-location facilities, enabling enterprises to securely deploy servers in any environment that would otherwise be off-limits due to security concerns. The PrivateCore software-only security solution encrypts all memory contents, mitigating the possibility of compromised data-in-use. vCage memory encryption enables enterprises to deploy more servers while maintaining a robust security posture.

PrivateCore vCage Benefits

      • Improved Security Posture:  Improved server protection reduces the security risk, minimizing the possibility of a costly data breach
      • Increased Revenue & Business Agility: Quickly deploying more servers that securely process sensitive information speeds business and generates more revenues
      • Reduced Costs with Improved Deployment Models: Businesses can avoid the cost of colocation cages and other physical security measures and flexibly deploy servers to improve performance while maintaining security around sensitive data