EMC Symmetrix Data at Rest Encryption Achieves FIPS 140-2 Validation
EMC First to Deliver Validated Data at Rest Encryption for All Drive Types and Speed—Including Flash
- The EMC Symmetrix Data at Rest Encryption module1 has been FIPS (Federal Information Processing Standard) 140-2 validated by the Cryptographic Module Validation Program (CMVP)2. FIPS 140-2 is an internationally recognized validation of cryptographic modules and is required for all sales of cryptographic modules used for data protection into the US federal market.
- EMC is the first enterprise storage vendor to achieve a FIPS 140-2 compliant encryption solution for all drive types—including Flash technology—offering both security and performance advantages gained through the use of EMC FAST VP (Fully Automated Storage Tiering for Virtual Pools).
- The FIPS 140-2 validated EMC Symmetrix Data at Rest Encryption module3 protects information from loss or theft, and enables cost-effective elimination of customer data when retiring an array.
EMC Corporation (NYSE: EMC) today announced that EMC Symmetrix Data at Rest Encryption module for VMAX is now FIPS 140-2 compliant and validated by the Cryptographic Module Validation Program (CMVP), a joint effort of the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC). Now customers can be confident with FIPS140-2-validated encryption while taking full advantage of EMC's automated storage tiering technologies for price and performance optimization, including EMC FAST VP, in a secure and trusted environment. EMC continues to strengthen protection around customers' most valuable asset – their information – to deliver the industry's most secure and trusted enterprise storage array. Customers have the assurance that an independent, globally recognized third party (CMVP) has examined the EMC Data at Rest Encryption method in detail and validated that it complies with strict cryptographic requirements.
FIPS 140-2 is an officially recognized North American standard that validates proper use of standard, peer-reviewed methods of encryption. FIPS 140-2 validated encryption of data at rest is required for compliance with many security standards, especially in the US federal market.
Symmetrix Data at Rest Encryption
EMC Symmetrix Data at Rest Encryption for VMAX protects information from unauthorized access for customers across industries that collect, store, transfer, and share sensitive information. Customers who have been limited by self-encrypting drives in other storage arrays can now realize the benefits of validated encryption and industry-leading auto-tiering with EMC VMAX. It provides hardware-based, back-end AES-256 encryption (Advanced Encryption Standard), while protecting information from unauthorized access when drives are physically removed from the VMAX storage system. The solution uses individual keys for every drive, minimizing risk, and has two possible key management configurations:
- An automatic, internal embedded key management option.
- Integration with a customer's existing RSA key management infrastructure, RSA Data Protection Manager.
Will Sanders, Senior Technology Specialist and Storage Architect at Geisinger Health Systems
"At Geisinger, protecting our patients' privacy is a top priority. Geisinger leverages EMC Symmetrix Data at Rest Encryption to help protect our patients' data. Now that the encryption is FIPS 140-2 validated, it allows us to meet HIPAA/HITECH compliance, and reassures us that the encryption is solid. For Geisinger, Symmetrix Encryption means that VMAX storage media is encrypted when leaving the site—ensuring that our information is not leaving. This protection, along with the fact that it doesn't affect our applications' performance means that we have the tools necessary to secure critical data."
Brian Gallagher, President, Enterprise Storage Division at EMC
"Achieving FIPS 140-2 validation reinforces EMC's commitment to deliver the industry's most secure and trusted enterprise storage array. No other storage vendor offers Data at Rest Encryption with auto-tiering capabilities, enabling customer to optimize their storage system's performance and efficiency—securely—while exploiting the benefits of Flash drives. FIPS 140-2 validation complements the existing secure credentials, tamper-proof auditing, and secure erasure capabilities of VMAX—in addition to integration with the RSA portfolio including key management and RSA enVision security information event management—making VMAX arguably the world's most secure storage array."
EMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset — information — in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at www.EMC.com.
EMC and VPLEX are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners.
1 EMC's "4 Gb/s FC I/O Module with Encryption" used for Data at Rest Encryption solution
2 A joint effort of the National Institute of Standards and Technology and the Communications Security Establishment of Canada
3 Validation certificate number 1610