SYS-CON MEDIA Authors: Gilad Parann-Nissany, Kevin Benedict, Unitiv Blog, Mark R. Hinkle, Glenn Rossman

News Feed Item

Gazzang zTrustee™ Management Console Simplifies the Tracking and Management of Critical Security Artifacts

Gazzang, the big data and cloud security experts, today announced that customers using the zTrustee™ Management Console can now get a more holistic view of their cryptographic environment. The console is available to zTrustee customers and provides a single “pane of glass” for tracking and managing the status of encryption keys, certificates, SSH public/private key pairs, Java keystores for Hadoop and Cassandra, and more.

According to a recent study by the Ponemon Institute, more than 50 percent of Global 2000 organizations do not know how many keys and certificates they have in their infrastructure. This lack of insight can put a company at significant risk, because an expired certificate or a breached key that goes unnoticed can lead to lengthy server outages and exposed data.

Take the recent Heartbleed bug that revealed the vulnerability of several OpenSSL 1.0.1 versions. Due to uncertainty over the status and whereabouts of certain certificates, more than a week after the bug was announced only 16% of affected certificates had been revoked.

An organization using the zTrustee Management Console for SSL (secure sockets layer) certificate reporting, however, could see exactly how many certificates it has and where they exist in an environment, and use that information to systematically rotate them to prevent the network traffic from breach.

“Effective cryptography is inextricably linked to good key management. That involves generating strong keys and isolating them from the object they’re protecting, as well as knowing where they are, and what policies are being used to secure them,” said Sam Heywood, vice president of products and marketing at Gazzang. “zTrustee gives Gazzang customers a single interface to see what’s encrypted and where, stay ahead of expiring certificates, and review governance policies.”

The zTrustee Management Console displays metadata including key/certificate file description, date of deposit and expiration, policies for retrieval and authentication details. Security objects that can be monitored through the console include:

  • SSL certificates
  • X.509 certificates
  • Encryption keys
  • SSH public/private keys
  • API keys
  • Java keystores for Hadoop and Cassandra
  • GPG keys
  • Passwords and passphrases
  • Configuration files
  • Directory structures

Gazzang zTrustee is a software-based secure vault for storing and managing Gazzang zNcrypt™ keys and any other digital security artifacts that must be tightly controlled and yet accessible to authorized systems when needed. The solution can be deployed on premises or in the cloud depending upon customer need.

About Gazzang

Gazzang provides data security solutions and expertise to help enterprises protect sensitive information and maintain performance in big data and cloud environments. Our technology enables SaaS vendors, health care organizations, financial institutions, public sector agencies and more to meet regulatory compliance initiatives, secure personally identifiable information and prevent unauthorized access to sensitive data and systems. The company is headquartered in Austin, Texas and backed by Austin Ventures and Silver Creek Ventures. For more information, visit www.gazzang.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.