StrongAuth, Inc. continues its practice of providing unprecedented capability in encryption and key-management at an unprecedented value by announcing the StrongAuth KeyApplianceTM, its next generation integrated appliance for compliance to PCI-DSS, 201 CMR 17.00, HIPAA/HITECH, FISMA, the EU Directive, California's SB-1386 and similar data-security regulations for the protection of sensitive data.
The StrongAuth KeyApplianceTM includes the ability to:
Cluster appliances to make the cryptographic services highly-available without any failover latency;
Scale linearly within the cluster to meet demanding transaction throughput;
Leverage public clouds for processing most of an application's business functions, and storing data, while proving compliance to regulatory requirements;
Encrypt and store trillions of sensitive data records on the appliance using strong NIST-approved algorithms, such as the Advanced Encryption Standard (AES);
Tokenize sensitive data on the appliance to minimize the impact on applications; (tokenization is the ability to replace sensitive data with equivalent non-sensitive data whose appearance and characteristics resemble that of sensitive data, but are meaningless if exposed);
Automate key-management - key-generation, escrow, recovery and access-control - of millions of symmetric encryption keys on the appliance;
Use an integrated cryptographic hardware module with a true random number generator, for protection of cryptographic keys;
Replicate data and keys within the cluster through secure and robust messaging services;
Host multiple encryption domains within a cluster, allowing for servicing different security needs;
Use color-coded USB-tokens to store the strong cryptographic credentials of Key Custodians for securely and easily managing the cryptographic hardware module from remote locations;
Integrate the appliance to existing identity management systems, such as Active Directory or other LDAP-based identity management systems; and
Use a GUI-based administration console for the easy and secure management of the appliance.
StrongAuth announced the newest generation of its KeyApplianceTM, with its unprecedented blend of features, is still available at the price of $9,995 per appliance.
Since the state of California first passed a Breach Disclosure law – also known as Senate Bill 1386 – in 2003, more than 2300 breaches to sensitive data have been disclosed that have affected more than 512 Million sensitive data-records, according to www.privacyrights.org. Retail merchants such as TJX have paid out more than $115M in fines and settlements for a single data-breach that exposed 45M consumers' credit card numbers. Heartland Payment Systems' breach of 130M records caused it to settle for $60M with Visa, $41M with Mastercard, $5M with Discover, $3.6M with American Express and $2.4M in a class-action settlement with card-holders.
Security regulations have consequently focused on data-protection through the use of encryption. When implemented properly, encryption has the ability to secure data; however, the challenge has always been with the protection and management of the cryptographic keys responsible for decrypting sensitive data. While the industry has come up with many schemes and technologies – sometimes expensive - to address those needs, the StrongAuth KeyAppliance continues to remain the leader in including all major desired cryptographic features at this price.
So, where do you get more information? Right here:
Download the Data Sheet to get details on the appliance
Read the FAQ on the KeyAppliance
Check out the WSDL for the web-service supported by the KeyAppliance
Check out the supporting XSD
The story at Dark Reading on the appliance
Read the HMAC FAQ on the KeyAppliance
Review the sample client applications given below to see how easy it is to program to the web-service:
Java Client Application
C# Client Application
Ruby GEM Application
PHP Client Application
How to buy
If you find another appliance with the same capabilities as the StrongAuth KeyAppliance at a lower price, contact us with proof; we will give you one of our Model-T appliances for free! (You will be responsible for shipping, taxes and support costs, of course). Please note, that to use our single free appliance, you will need to buy at least one more appliance. Because of the way the KeyAppliance is architected for redundancy, it cannot be setup and used as a solitary machine - it must have the second appliance's master-key for replication before it will allow you to configure the first encryption domain. (While you may think that this is a low-down trick, we designed this for your own protection - honest!).