blog-vengar-header

PRESS RELEASE: Fornetix and Vengar Technologies Join Forces to Create Disruptive Zero-Trust Solution

Partnership delivers impenetrable security foundation throughout the enterprise and out to the edge

FREDERICK, MARYLANDFornetix, LLC today announced its technology partnership with Vengar Technologies, creating a powerful, innovative joint data protection solution that leverages Fornetix’s innovative encryption key management system, VaultCore™,and Vengar’s zero-trust object level data protection.

“As a young company, we’re excited to align Vengar Technologies with the Fornetix group. Fornetix brings a mature and impressive list of customers from gov to commercial,” said Toney Jennings, CEO of Vengar. “We’re confident this partnership will greatly increase our joint technology offering and sales velocity. Because of our relationship with Mr. Gilroy, the Fornetix team, and the new combined offering, we are also moving our east coast headquarters to the DC region, which will be hubbed out of the Fornetix headquarters in Frederick, Maryland embedded in a full SCIF.”

Using a unique combination of multi-layered encryption and Identity & Access Management technologies, Vengar’s solution creates a micro-perimeter all the way down to individual data object level. This micro-perimeter travels with the data wherever it goes, at all times for the entire document lifecycle. Before access to the data is granted, the user’s identity along with their access and usage rights are validated every time. Validation for access is based on multiple factors including user identity (username, password, biometrics, PIN, token, etc), Device ID, Geolocation, authorized access timeframes, usage rights (read only, etc), and threat risk. Vengar’s proprietary solution addresses concerns over where the zero-trust data package has gone or who has access to it is since it can only be accessed by authorized recipients under authorized circumstances.

“We are extremely excited to announce our relationship with Vengar Technologies. The combination of our innovative key management technology with Vengar’s object security solution empowers Fornetix to bring to market a disruptive joint solution like no other in the cybersecurity space,” says Mark Gilroy, CEO of Fornetix. “Now federal and commercial enterprises will be fully enabled to address and mitigate the core security vulnerabilities in this age of IoT and rapid cloud adoption.”

Fornetix’s VaultCore makes encryption management at scale simple whether in the cloud, on prem or hyperconverged environments. VaultCore’s granular policy tools, user access controls, and powerful automation makes it easy to manage the entire life cycle of encryption keys throughout the enterprise and out to the edge. VaultCore is the only encryption management solution with the capacity to deliver, process, and support hundreds of millions of keys for large-scale distributed environments with little impact on performance. Easy integration via KMIP, and non-KMIP, using Fornetix’s Orchestration Gateway, VaultCore enables companies to leverage their existing technology investments. VaultCore is also validated up to FIPS 140-2 Level 2, and Level 3 with HSM integration. The combination of Fornetix and Vengar addresses the complexity needed to meet more stringent regulatory mandates, guidelines, and standards that are being activated to protect sensitive customer data.

By combining VaultCore’s powerful key management system with Vengar’s innovative zero-trust data protection solution, customers now have a security solution that includes an easily integrated platform providing an impenetrable security foundation throughout the enterprise and out to the edge.

ABOUT FORNETIX

At Fornetix we understand that managing encryption in today’s complex environment can seem an impossible task. That’s why we created VaultCore, a simplified, automated, and secure encryption key management solution designed to address security challenges arising from the proliferation of IoT, big distributed networks, and rapid cloud adoption. Our commitment to standards and interoperability enable us to join forces with leading technologies around the globe to provide smart and unified security solutions that bring order to the chaos of encryption management.

ABOUT VENGAR

Vengar is a cybersecurity SaaS pioneer of “Zero-Trust” data solutions. Vengar solutions allows our clients to maintain control of their data, forever, even when it has left their possession and traveled around the world. In an increasingly prolific threat environment, new and innovative cross-platform approaches are required. Vengar combines on-device encryption, identity management, geofencing, and DRM to provide the very best data protection while also delivering simplified deployment and seamless user experience. Our philosophy is simple: Trust No One.

MEDIA CONTACT

Catherine Wolniewicz
SVP Global Marketing
Fornetix, LLC
marketing@fornetix.com

website-blog-healthcare-01-01

Hackers Threaten Healthcare Data and Patient Care as Hospitals Endure Overload | Fornetix

Every industry is vulnerable to data breaches, but the healthcare industry has long stood out above the rest. This vulnerability may prove particularly damaging not only to Protected Health Information (PHI) during the COVID-19 crisis but also patient care.

59% of the U.S. population has already had their healthcare records stolen

According to HIPAAJournal.com, prior to COVID-19 hitting the globe, healthcare data breaches were already being reported at a rate of more than once per day. Protenus Breach Barometer reported that in 2018 the healthcare sector saw 15 million patient records compromised in 503 breaches, three times the amount seen in 2017. But by July 2019, that number had skyrocketed with potentially more than 25 million patient records breached.

Medical records contain valuable and sensitive personal data including social security numbers, insurance information, payment details, personal health records, and more. According to Experian, a patient’s full medical record can sell for up to $1,000. By comparison, Social Security numbers typically sell for $1 and credit card information for up to $110.

In early March, sources informed Reuters that hackers tried to break into the World Health Organization (WHO). While the attempt was unsuccessful, WHO Chief Information Security Officer Flavio Aggio warned, “that hacking attempts against the agency and its partners have soared as they battle to contain the coronavirus.”

Increased IoT-focused cyberattacks may impact patient care

As recently as November 2019, Threatpost, a leading source for IT and business security news, reported that IoT security woes were already plaguing the healthcare industry. “At least 82 percent of connected medical devices have been targeted in the past year, opening the potential for a variety of attacks, from highly sensitive information disclosure to denial of service (DoS) for critical devices,” a recent Xtelligent Healthcare Media survey found.

At the same time COVID-19 began accelerating in the U.S. in February, Elad Luz, Head of Research at CyberMDX, warned that “Healthcare organizations are increasingly experiencing IoT-focused cyberattacks.”

There are a number of vulnerabilities in the area of IoT and cybersecurity, but perhaps the most devastating are those that put people’s lives at risk. Many ailments are treated with cloud-based monitoring services or embedded IoT devices like those being used to treat patients with COVID-19.

Unfortunately, medically-necessary IoT devices can and are being compromised by cyberattacks capable of disrupting the delivery of lifesaving health services – putting people’s lives at risk – and with the projected increase in patients requiring medical interventions such as ventilation, IV pumps, anesthesia, and patient monitoring, the consequences could be devastating if the correct security measures aren’t in place.

Is the healthcare industry prepared?

Much of the global healthcare industry is understandably distracted by caring for the overwhelming number of COVID-19 patients. Combined with the surge in cyberattacks that have coincided with the rise of the virus, this leaves an already-taxed industry even more vulnerable.

Vulnerabilities to ransomware, malware, botnets, and online medical device attacks have seen a sharp rise due to numerous factors; the interconnectedness of hospital operations, close ties with third-party vendors, the rising complexity of hospital technology systems, and reliance on an extensive variety of connected networks.

Encryption is the most consistent security mechanism available for securing data and IoT devices. While many healthcare organizations are proactively encrypting data, even more, they are failing to properly manage the encryption ecosystem by regularly rotating their keys – a poor practice like having just one password across all logins or devices and never updating it. With real attacks impacting healthcare right now, it is critical that organizations place enhanced key management measurements into their cyber-defense protocol immediately.

How VaultCore™ can quickly help healthcare organizations secure critical personal data and patient care

Key management is at the core of making encryption a strong security tool. VaultCore by Fornetix® is a groundbreaking cybersecurity solution that unleashes encryption’s full potential by deploying and enforcing key management across an entire organization—across all devices. This unified approach allows storage and control of all encryption keys in all environments; whether it’s on-premise storage, virtualized, or cloud.

Delivered as a physical or virtual appliance, VaultCore can swiftly integrate with a healthcare organization’s existing infrastructure and current encryption strategy. This immediately decreases data loss, enables compliance with privacy regulations, effectively manages third-party risk, and protects the lives of patients. VaultCore automatically updates and secures the encryption keys necessary to decrypt data so it can be read. In short, when data is properly encrypted, it remains unreadable and therefore useless to the attacker because they’re unable to decrypt it. With industry-leading capacity, VaultCore allows medical devices to each be given unique encryption keys instead of relying on a single key for all devices. Additionally, VaultCore can verify the cryptographic integrity of data to ensure critical code has not been tampered with.

Backed by granular policy tools, intuitive access controls, and powerful automation, VaultCore is the only key management solution in the world that can manage hundreds of millions of encryption keys across every device, reduce human error, maintain compliance, and give the industry some much-needed peace of mind that every device that serves, stores, transmits, or collects patient or other critical data is protected to the fullest extent.

blog-vaultcore

PRESS RELEASE: Fornetix Announces Key Orchestration™ Name Change to VaultCore™ and Launches Version 2.4

Improved features help VaultCore amplify its data protection capabilities

FREDERICK, MARYLANDFornetix LLC, an industry pioneer and leader in enterprise encryption management technology, announced today that they have changed their flagship key management solution’s name from Key Orchestration to VaultCore.

“Welcome to the future of encryption key management! We are excited to announce the VaultCore brand to better reflect the success of our patented, military-grade automated encryption key management solution. As sophisticated hacks continue to grow and make securing enterprise data more complex, VaultCore is designed to equip organizations to meet serious, and pervasive security threats with an interoperable, scalable, and highly secure system for easily managing encryption across all technology stacks,” said Mark Gilroy, Fornetix CEO.

With flexible deployment options including hardware or software appliances, VaultCore enables a unified approach to data security through leveraging and enforcing encryption across an entire organization. With unified encryption management, users can store and control all encryption keys across all environments, whether it is on-premise storage, virtualized, or in the cloud.

Fornetix has also released VaultCore version 2.4. This powerful upgrade provides numerous improvements including a simplified user interface, an all-new plugin framework, and outbound interfaces with powerful technologies such as REST, NETCONF, and RUCKUS.

VaultCore’s new user interface has been simplified with easy and intuitive controls while providing new capabilities like a single touch point for automation and scheduling, better methods to organize your architecture, and improved built-in documentation.

ui-2-1

The Plugin Manager is the expansion and integration of a new server-side component that operates dynamic loading and integration of other server-side components. This allows for the creation of new capabilities and features in a more consistent, rapid, and repeatable manner. These plugins maintain a secure crypto architecture with the agility to meet the evolving needs of VaultCore users. The License Manager Plugin centralizes and streamlines licensing operations and allows for status checks of license keys, activation and deactivation of licenses, and a framework for licensing new features and plugins in a secure, scalable manner.

With new Outbound Interface Plugins, users can leverage commands for network management through VaultCore Compositions with the power of the new Plugin Framework. As such, the VaultCore platform can now deploy powerful automation that merges cryptographic key lifecycle with system configuration and administration, becoming a central hub of core capabilities in the organization.

“These software developments further Fornetix’s commitment to helping secure our customers’ data and streamlining each users experience,” said Chuck White, Chief Technology Officer. “The vast amount of data and information being generated today is more often necessitating millions of encryption keys,” White added.

Through VaultCore, Fornetix is able to deliver powerful encryption management and security to a broad range of industries including healthcare, banking, utilities, telecoms, and more. As part of our commitment to serving users around the globe, the VaultCore server can now operate in Coordinated Universal Time. This harmonizes global High-Availability deployments of the technology across multiple time-zones.

“We want companies to have the opportunity to evaluate VaultCore risk-free and see for themselves why Dell, the U.S. intelligence community, financial institutions, telecommunications, and so many other major industries are choosing VaultCore above other key management solutions, so we’ve created a fully-enabled trial offer,” said Chuck White, CTO. “We have no doubt that after users evaluate our robust solution for free, they’ll want VaultCore to permanently protect their most valuable data assets.”

For more information, or to evaluate for yourself risk-free for 30-days how VaultCore renders cyberattacks useless, visit https://www.fornetix.com/freetrial.

About Fornetix

Fornetix® delivers VaultCore™, the only enterprise key manager with the capacity and horsepower to manage hundreds of millions of encryption keys, the number required by cutting-edge IoT networks and applications. This unmatched scalability empowers organizations to build a data security strategy with encryption as the bedrock foundation — no compromises needed. Powerful tools for automating the key lifecycle, enforcing cryptographic policies, and rapidly integrating with the most popular IT services and technologies sets a new standard and opens new opportunities for broad encryption deployment. For more information visit www.fornetix.com.

Blue cityscape

PRESS RELEASE: Fornetix and OutSecure Partner to Provide Comprehensive Security for Smart Cities

FREDERICK, MD – Fornetix, Inc., an industry pioneer and leader in enterprise encryption management technology, has partnered with OutSecure, a preeminent Cybersecurity & Privacy Strategy creation company, to provide a comprehensive and complete approach to cybersecurity to smart cities.

Read more

Conference room

PRESS RELEASE: Former NSA Executive Richard C. Schaeffer Joins Fornetix Board

FREDERICK, MARYLANDblog-schaefferFornetix, Inc., an industry pioneer in enterprise encryption management technology, announces the appointment of Richard C. Schaeffer, Jr. to the company’s Board of Directors. Mr. Schaeffer is a former Senior Executive with the National Security Agency (NSA) and brings over 40 years of experience from roles throughout the defense and intelligence communities. His career includes extensive leadership, management, and technical expertise in the areas of information security and assurance, helping to safeguard many of the nation’s most critical and sensitive assets.

Read more

Blue clouds

The Benefits of nCipher’s New Serviced-Based Hardware Security Module (HSM)

When considering the intersection of Roots of Trust and the accessibility of services provided by cloud architecture, reliable options quickly become scarce. That is why we at Fornetix are excited to see nCipher launch their “nShield as a Service” (nSaaS) offering. With the combination of Internet of Things (IoT) based technologies and the embracing of “as a Service” cloud capabilities, there is a growing need for HSM services that can be provisioned and integrated with cloud principles while not belonging to a specific cloud vendor. At Fornetix, we built our technology to play to the middle, enabling public, private, and hybrid cloud solutions. We are excited to see nCipher’s nSaaS solution parallel our own. We believe the joint approach will help customers embrace effective use of cryptography no matter how they use technology, whether it be cloud first/cloud native, hybrid cloud, or private cloud.

Read more

City landscape

Ransomware vs Data Breach: What They Are and How You Can Protect Your Enterprise From Them

There are two popular types of malicious attacks: A data breach and a ransomware attack. You may have heard these two terms used interchangeably, however they’re not quite the same.  A data breach occurs when a hacker gains access to information and steals the unencrypted data from the system. This is often used to steal financial, medical, and other personal information. A ransomware attack occurs when hackers gain access to a system and hold the data hostage in exchange for a ransom, regardless of whether the data is encrypted or unencrypted. A hacker may keep the data inside the enterprise’s system but encrypt it so the right people can’t gain access to it. They may also remove the data from the system and return it in exchange for ransom. Both types of attacks have been around for a while, but recently, ransomware attacks have become more prevalent.

Read more

How to Identify IoT Pitfalls and Adopt Technology with Confidence

When looking at technology adoption, I am frequently reminded of Pandora’s Box from Greek mythology. This metaphor rings true when considering the Internet of Things (IoT). Whereas Pandora released a host of evils into the world, with IoT we have released new concerns associated with multiple technologies, multiple standards, scale, and security (or as I like to say, resiliency). When considering the information that flows from the edge, through the cloud, and ultimately to the data center, the lowest common denominator for protecting information is trust created by cryptography (as noted by nCipher’s Juan Asenjo in the other half of this blog series). In this blog, we are going to start by acknowledging the pitfalls of our particular Pandora and then discuss how we find hope in the solution provided by nCipher and Fornetix.

Read more

Man jumping off a cliff

Guest Post: Before You Dive Into IoT, Do These Three Things

Olympic high diving requires concentration and self-control. Before divers jump off a 10-meter platform, they pause at the edge and concentrate on their goal: elegantly perform the acrobatic maneuver and gracefully pierce the water causing minimum surface disturbance. This same disciplined approach is required when adopting new and revolutionary technologies, such as those now available through the Internet of Things (IoT). Decision makers must assess the risks and benefits, consider potential difficulties, and then take the jump.

Read more

Wall of keys

Top 4 Challenges When Managing Encryption Issues

Implementing an encryption strategy comes with hefty baggage, but don’t worry; we’ve got you covered. In this post, we’ll cover the top four challenges of managing encryption issues and solutions to overcome them.  

Encryption key management is increasingly more important the more connected we become. With millions of devices and millions of users, there becomes an increasing need for effective cybersecurity tools that safeguard sensitive assets for individuals and organizations.

Read more