PVII CSS Express Drop-Down Menu
 
Recent 10 Min Case Studies

Legal Consulting Firm Increases Business Performance and Reduces Storage Operating Costs by 40% with Nexsan

CalTech Relies on Nexsan Reliability and Power Efficiency to Store Two Petabytes of Critical NASA Data

Visual Effects Studio Accelerates Backup and Reduces Operating Costs with Nexsan

Insurance Association Saves 200% with Nexsan for Backup and Microsoft Virtual Server Storage

Franklin Synergy Bank Speeds and Simplifies Data Protection with Nexsan

Recent 10 Min White Papers

Making Cents of Tape vs. Disk – The Complete Guide on What to Choose and Why

The Guide To Green Storage - Make an Ecological Difference

Deduplication 2.0: Twice the Efficiency…Half the Cost

The Power/Density Paradox: the Result of High Density without Power Efficiency

If It’s Just a Disk…Why the Reliability Gap Between Storage Vendors?

No More Tiers: Reduce Storage Costs with an Age-in-Place Strategy
Compliance and Best Practices require Better Security
Information and storage security are very important topics - privacy and data theft are at the forefront of today's customer concerns. In addition, many regulations such as Sarbanes-Oxley, Privacy Acts, and HIPAA, spell out specific requirements for secure information access and data storage.  Assureon offers powerful answers to these important requirements through the integrated technologies it is built upon - security, file disposition, the individual destruction of offline files, WORM protection and file authentication.
 
Encryption
Assureon can encrypt any file, using the Advanced Encryption Standard (AES256). There have been no successful attacks against AES, and it has been approved by the National Security Agency (NSA) for top secret documents. Multiple Privacy Acts, HIPAA, California 's SB 1386 and the FDA's CFR part 11 recommend or require encryption of information for security purposes. When Assureon encryption is enabled, files cannot be viewed even if a hacker manages to compromise security.
 
Secure Accessibility
Assureon's Access Control has three components.
  1. Authentication verifies that a client is who they say they are
    • Assureon optionally uses security certificates (Smart Cards)
  2. Authorization determines that the client has the appropriate permissions to access the resources they are requesting. Authorization is given to an authenticated client by policies established within Assureon and then published into Active Directory.
  3. Audit logs that can be used to account for any and all access to managed information.
 
Assured Individual Key Destruction
At the end of an information asset's retention period, Assureon destroys the file's encryption key and all access to that file.  Assureon is unique in its key management capabilities in that it can identify and dispose of individual files  - not only on its integrated disk storage, but also on offline media such as tape or optical.
 
Authentication of Information
When a file is placed under Assureon management, it is processed by dual cryptographic hash functions (MD5 and SHA-1) to create a unique identifier sometimes called hash value, digital fingerprint, CAS (Content Addressable Storage) address or UFID. This unique identifier allows the system to verify that the file has not been altered or inadvertently corrupted.

When a file is authenticated, Assureon retrieves the file, creates a cryptographic hash value for the document, and then compares it to the original cryptographic hash value that was generated when the file was placed under management. If any changes were made to the document, even down to the bit level, the hash values will not be the same and the file is not authenticated; if the hash values are identical, the file is authenticated as an original. This procees ensures the authenticity and integrity of all files stored by the Assureon system.
 
© 2007 Nexsan Technologies, Inc.