Vormetric Data Security Solutions

Lawmakers and regulators around the world are enhancing existing data security compliance requirements, implementing new legal frameworks and defining new data security regulations to respond to increasing internal and external hazards. As requirements for data protection compliance strengthens, the use of point solutions to patch holes in data security compliance requirements becomes increasingly expensive and difficult to support.

The Vormetric Data Security Platform provides a common, extensible implementation infrastructure that supports compliance regimes with protection for data-at-rest using encryption, enterprise key management, access control and security intelligence across enterprises, cloud and big data environments. The result is a simple, efficient data security compliance solution that delivers compliance with low total cost of ownership (TCO).

  • Payment Card Industry Data Security Standard (PCI DSS) – Vormetric Data Security Platform products helps enterprises comply with PCI DSS 3.0 requirements 3, 7, 8 and 10 that call for the privacy protection of cardholder information. Vormetric Data Security secures cardholder data in databases as well as voice files, reports, and images.
  • National Data Protection and Privacy Laws – Nations around the globe are instituting data protection and privacy laws which mandate encrypting citizen personal information including UK Data Protection Act, EU Data Protection Directive and South Korea’s Personal Information Protection Act. Vormetric Data Security secures personal information, be it structured (in databases) or unstructured.
  • HIPAA/HITECH – Electronic Patient Health Information (ePHI) needs to be secured to maintain compliance with HIPAA/HITECH. Whether unstructured medical imagery or structured database information containing ePHI, Vormetric secures and controls access to ePHI.
  • NIST Special Publication 800-53 details security controls for Federal information systems as required by the FIPS 199 and 200 publications. Revision 4 updates NIST SP 800-53 to detail the extended security controls required for agency use of cloud computing under FedRAMP, the government-wide program providing standards for cloud security. FIPS 199 and 200 support the FISMA Act of 2002 requiring Federal agencies to implement and document information security programs. The FIPS 140-2 publication specifies the security requirements that must be satisfied by the cryptographic module in cryptographic-based security systems. Vormetric enables US government agencies to implement and sustain compliance with these requirements with data at rest encryption, integrated key management, access policies and privileged user controls, security intelligence and training and awareness related to the solution. In support of these initiatives, Vormetric’s Data Security Management is available as a FIPS 140-2 Level 2 or Level 3 validated appliance. The Data Security Manager appliance is also in Common Criteria evaluation.
  • Sarbanes-Oxley, GLBA, Basel III – Vormetric Data Security provides data protection, data security, access control and reporting so enterprises can demonstrate effective control over sensitive information.
  • Data Residency/Data Sovereignty – With over 50, highly varied, national privacy laws in effect worldwide — enterprises, cloud providers and multi-nationals need to ensure that data does not inappropriately cross legal jurisdictions. Vormetric Data Security enables segregation and control of data access to meet their legal obligations – in many cases without changes to applications and infrastructure.
  • GDPR – GDPR requires owners and processors of EU personal data to notify subjects of data breaches. Vormetric can help you avoid having to do this while meeting GDPR’s requirement to ensure data security through means such as encryption, tokenization and masking. Vormetric can also help you meet the GDPR’s requirement to have in place a process to test, assess and evaluate the effectiveness of your organization’s data security measures.
  • NCUA Regulatory Compliance – The National Credit Union Administration regulates and audits credit unions in the U.S. These audits include data security. Vormetric helps credit unions comply with federal mandates and standards for data access rights administration, encryption and key management and security intelligence.

In addition numerous other compliance regimes mandate protection of data-at-rest that can be enabled with Vormetric. These include FedRAMP/NIST 800-53 requirements for US Federal agencies, FIPS 140-2 for security management environments, the Australia Privacy Act, the EU Data Protection Act, South Korea’s PIPA and Singapore’s MAS TRM.


2014 Global Compliance: The legal obligations..

2014 Global Compliance

By Stewart Room, Partner, Field Fisher Water House. This document examines the global legal obligations to encrypt personal...  

Download >>


Vormetric Data Security: Complying with PCI DSS 3.0 Encryption Rules

Vormetric on cybersecurity

This white paper outlines how to use Vormetric Transparent Encryption to meet PCI DSS 3.0 Requirements with Data-at-Rest Encryption..  

Download >>


 Vormetric Data Security allowed us to go beyond check the-box compliance by providing strong data-level controls and centralized key management. As our business evolves, Vormetric Data Security's extensibility will provide us with a means to centralize and standardize our data security efforts at a very low financial and productivity cost. 

Dean Fenton
Director of InformationTechnology
Classified Ventures Nist


Encryption Architecture

Vormetric FedRAMP / NIST 800-53 Requirements Mapping

Download >>
Encryption Architecture

Coalfire: Using Encryption and Access Control for PCI DSS 3.0 Compliance in AWS

Download >>

Certification of your CSP Does Not Protect your Data in the Cloud

Download >>

The Vormetric Digital Digest on Data Security

Customer and Partner Success

  • Rackspace Cloud Partners
  • McKesson
  • AWS
  • Google Compute Engine
  • Microsoft
  • IBM
  • CenturyLink
  • QTS
  • Teleperformance Secures
  • Delta Dental