I had the opportunity to sit down with Derek Tumulak, SafeNet VP of Product Management - Enterprise Data Protection,during the RSA Conference a week+ ago. The meeting was facilitated by SafeNet Sr. PR Specialist Matt Pugh. I am very grateful for the opportunity to get the inside scoop. Moreover, I was excited to see that Data Secure lives on.
For a little background, Ingrian Networks was acquired by SafeNet on April 3, 2008. Ingrian was most notable for their "Data Secure" product line, which is centered on an appliance solution for encryption and key management. The rumormill suggests that the acquisition shook itself out in earnest mid-Summer 2008, and the resulting confusion caused me to exclude SafeNet from a customer project last Fall (the local sales rep literally said "I don't think we're doing that any more" to which I replied "pity, the Ingrian product was the best in the market"). It sounds like that confusion has now been resolved, with Data Secure back, and in a better position overall.
Going forward, SafeNet's mantra is "enterprise data protection." They foresee Data Secure as being central to the enterprise, serving in myriad data security roles, well beyond the original crypto focus. To that end, they plan to converge their HSM solutions, as well as to look at bringing in new solutions to build-out the offering. One such idea bandied about is integrating a next-gen DLP solution to round out their data control capabilities. SafeNet is also looking at ways to integrate data discovery, management, and control capabilities, all through the central Data Secure appliance line. If you think about it, this is an awesome idea: one central interface for monitoring and controlling data across your network. Convergence between DLP, crypto, and other data control (dare I hope for IAM and other related access controls some day, too?) - all based on security policies, of course - could make life much, much easier if done properly.
One interesting development in the Data Secure line is in the key management capabilities. The keys can now be stored locally, or securely distributed over an SSL-wrapped connection. SafeNet is also participating in the OASIS KMIP tech committee, undoubtedly to interface with devices that need encryption keys. Look for updates from SafeNet as various standards come to fruition (KMIP, keyprov, EKMI, P1619.3, etc.).
Data Secure now also uses metadata to describe keys and encrypted blobs to better track which keys are in use and where. Even more interesting, SafeNet can now work directly with some databases to facilitate assessment of which keys are in place, as well as if data needs to be re-encrypted with a new key (the DBA still retains control, however, by inputting the necessary credentials when prompted).
Overall, SafeNet appears to be quietly growing into a major player in the security market, not only building on their excellent product lineage, but having a vision that makes sense. Look for an announcement from them later this year as they expand their data control capabilities.
Comments (2)
Since Data Secure, was a rock and still is a rock solid product(the reason why SafeNet acquired them), why on earth would you think they product would not live on??
I mean, really why?
Posted by LH | May 4, 2009 3:54 PM
Posted on May 4, 2009 15:54
@LH - I was shocked and appalled that such a thing could happen. *shrug* You call the sales rep, you ask a question, you get a weird answer, you exclude the vendor and move on. In this case, it was no big deal as the project ended up suspended later in the year, but yes, it certainly makes one wonder.
Posted by Ben | May 4, 2009 10:59 PM
Posted on May 4, 2009 22:59