MarkLogic Bolsters Security in MarkLogic® 9 Database Without Adding Cost and Complexity

Print Friendly, PDF & Email

Marklogic_logoImmediately after introducing the preview of the MarkLogic® 9 database, MarkLogic Corporation, a leading operational and transactional Enterprise NoSQL database provider, is further innovating by helping global governments and enterprises integrate data from silos in the most secure manner possible. Through a licensing and technology alliance with Cryptsoft, MarkLogic will embed Cryptsoft’s KMIP (Key Management Interoperability Protocol) technology into the upcoming MarkLogic 9 database. This enables customers to secure data, and seamlessly manage data encryption keys in an interoperable way without needing to deploy costly and complex proprietary key management solutions.

Data leakage is an estimated $160 billion problem. In addition to direct monetary losses, many corporations that experienced high profile security incidents have suffered long-term damage to their reputations as well as non-compliance fines resulting from customer data exposure. In an era where data is the most important aspect of a business, it must be secure in order for companies to be successful.

Encryption key management tools are an effective means of protecting data by improving security, increasing operational efficiency and maintaining compliance. Data is growing (analysts project 1.4 zettabytes of data by 2017) and is residing in numerous places like databases, storage disks and mobile devices. As such, many organizations do not employ “at-rest, aka non-moving” data encryption because managing keys for each of these individual deployments has caused major IT headaches (potentially countless keys from potentially countless devices). Additionally, many database and other IT vendors deploy their own proprietary Key Management solutions that are not interoperable with other systems, so the cost and complexity can be overwhelming.

As a result, for many companies, data is secure while in transit between consumers and business (in-flight), but once it lands with the business it may be inadequately protected (at-rest). Yet, as security breaches increase, the need to protect data that is at-rest increases as some of the most sensitive corporate and customer information remains unprotected. As evidenced by recent high profile security breaches, large stores of sensitive information make tempting targets for hackers and other criminals.

To address this concern, MarkLogic has deployed Cryptsoft technology to protect data at-rest. By embedding Cryptsoft’s Key Management SDKs into the MarkLogic database, MarkLogic customers can manage data security from across the entire enterprise using a comprehensive, standards-compliant KMIP toolkit. This makes data integration and at-rest encryption easier than with other systems that use multiple key management tools while maintaining the same, or better, levels of security.

Cryptsoft is the true steward of KMIP. The company was an early proponent of the standard, continues to drive its evolution, and implements the standard in the way it was meant to be—without additional complexity or cost,” said David Ponzini, senior vice president, Corporate Development and Marketing, MarkLogic Corporation. “Unlike our competitors that add cost and complexity with their proprietary key management systems, we strive for true interoperability. We continue to adhere to the highest possible levels of security without adding more chaos within the IT infrastructure.”

With the Cryptsoft partnership, MarkLogic continues to set the standard for database security. Earlier this year, MarkLogic achieved Common Criteria Security Certification, which is bestowed by an internationally recognized International Standards Organization standard (ISO/IEC 15408) used by governments and other organizations to assess the security capabilities of technology products. MarkLogic is the only Enterprise NoSQL vendor and one of six database vendors to receive the security certification. The MarkLogic database also offers various security models for granular security, such as Attribute-Based Access Control (ABAC), Policy-Based Access Control (PBAC), or Label-Based Access Control (LBAC), as well as mutual and external authentication, powerful auditing capabilities and compartment security options. Additionally, the MarkLogic database powers numerous government agencies, running on systems that are PL3/ICD 503 and DITSCAP certified and accredited—top level certifications for classified systems in the U.S. Intelligence Community and Department of Defense.

In addition to raising the bar for security, the OEM partnership with Cryptsoft ensures long-term viability of the solution. Employing a mature, standards-based solution is a major draw for enterprises looking for encryption that lasts and won’t be subject to individual vendors’ policy and pricing changes. KMIP is developed through the Organization for the Advancement of Structured Information Standards (OASIS), which ensures that industry leaders will continue to develop and shepherd the standard within a reliable, proven and open environment.

The growing need to access large amounts of mission-critical data quickly, coupled with increased requirements to ensure data is protected, is a challenge for big data enterprises to ensure the rapidly growing volume of encryption keys remain secure and available. Adding to this is the requirement that any encrypted data is available over the long term, irrespective of the encryption or key management provider or technology used, doubles the challenge for security professionals,” said Tony Cox, director, Strategy and Alliances, Cryptsoft. “Deploying Cryptsoft’s KMIP conformant encryption and key management technologies ensure that Marklogic’s customers can rest easy, safe in the knowledge that not only are their data resources available quickly and reliably and at scale, but that long-term, industry standard protection is also assured.”


Sign up for the free insideAI News newsletter.

Speak Your Mind