Real-time Data Security with No Impact on Application Performance
Security is top-of-mind for many organizations, especially in finance, government, defense and healthcare industries. There are often strict policy requirements or regulations to keep data secure at all times to protect against theft even during drive replacement or routine hardware maintenance.
Tintri’s® SecureVM™, provides the power to encrypt data at rest in real time, conforming to highest security standards to satisfy your toughest policy and regulatory requirements.
Tintri has partnered with Gemalto, makers of the leading external key management suite, SafeNet KeySecure. With KeySecure, easily lock down your data if one or more drives are stolen, or even if the entire array is compromised. Cryptographically lock your array (will not boot), simply by disabling key export in your Gemalto console. KeySecure uses the open platform KMIP, is FIPS 140-2 validated, and allows you to consolidate key management across heterogeneous storage and other secure appliances.
External key rotation and security via Gemalto’s award winning KeySecure platform
Data is encrypted inline using AES-256 bit algorithms without any impact on performance or capacity
SecureVM works in conjunction with self-encrypting drives on Tintri VMstore storage platforms
Inbuilt key rotation mechanism to manage keys and rotate keys on demand from the UI if the key is compromised for any reason
No Performance Impact
No wait time before all data gets completely encrypted or “data outage period” that causes nightly script to crash
Effective capacity remains the same
No performance penalty for turning on encryption
Turn on encryption of data at rest anytime to instantaneously meet your compliance regulations
SecureVM is truly simple to activate and manage, just like you would expect from Tintri
Tintri interface, single click key rotation saves time, and reduces complexity
“Encryption with Tintri SecureVM was as simple as turning it on. Click. Click. DONE. We had no performance degradation whatsoever, and encrypted at rest data makes our compliance department very happy!”
Scott Zemke, Systems Engineer, University of Arkansas Sam M. Walton College of Business Technology Center