PROTECTING THE FINANCIAL SECTOR FROM CONSTANT ATTACKS The financial industry has only slightly less regulations The same full encryption that protects the health care industry imposed on it than healthcare. Although laws like the is also employed to lock down financial data. Nothing written Sarbanes–Oxley Act of 2002, which requires audit trails and to a FlashArray is unencrypted, so there are no back doors or verifiable financial reporting, don’t specifically speak to the loopholes that a hacker can exploit. Every byte is protected need to secure data, the industry generally tries to follow plans with AES-256 encryption on every drive in the entire array. like the Payment Card Industry Data Security Standard to keep information safe. Within the financial sector, the biggest problem isn’t government fines if personal data should slip out, but more so Companies working in the fact that companies working in finance are generally the most attacked group in the world. Not only is the information finance are generally the they protect valuable, but it also can lead to actual money for hackers who are able to penetrate a company’s data at rest. most attacked group in Stealing credit card information, bank account passwords and user-logins can be a highly profitable business in its own right for professional thieves, so the financial sector is always trying the world. to keep one step ahead of the constant attacks. And even though there aren’t a lot of laws in place to punish companies that fall prey to hacks, in most cases the company is going to be held liable if they allow their customer’s money to be In addition to not slowing down performance, the Pure Storage stolen. Even beyond that, the loss of reputation following a FlashArray does not require any external key management breach, especially a large and well-publicized one, could lead for encryption. The FlashArray uses a unique internal key to disaster. management mechanism that keeps the burden off of both the As such, even though it’s not as tightly regulated as the administrators and users. No longer do administrators have to healthcare industry, the financial sector generally tries to be purchase expensive third-party key management programs as secure as possible, even going so far as to lock down and then spend weeks in training seminars learning how to systems with draconian schemes and highly redundant make it all work within their organization. The patent-pending protections. The problem with that approach is that too much internal key management system on every FlashArray comes security can become a wall blocking authorized users from as part of the storage medium itself. Beyond getting a huge getting to the information they need. And that is where the benefit included when simply buying a new FlashArray, Pure Pure Storage FlashArray can step up and solve two problems Storage’s unique key management solution also doesn’t at the same time. require user intervention because the keys are generated securely and automatically. From a user’s perspective, it’s like having key management without the actual keys. © Pure Storage 2014 | 5