Dataprise | January 18, 2022
Dataprise, a leading strategic IT managed service provider, today announced the acquisition of Global Data Vault, a leader in Disaster-Recovery-as-a-Service (DRaaS), Backup-as-a-Service (BaaS) and modern data protection solutions. The addition of Global Data Vault creates one of the industry's broadest portfolios of integrated data protection and cybersecurity offerings to solve client's toughest business resilience, risk mitigation and compliance challenges.
"Clients turn to Dataprise to be their one strategic IT partner, which requires we bring the broadest portfolio of services powered by the best technology and deepest expertise. Today, the mandate for a holistic cybersecurity and data protection strategy is a top priority for our clients, Global Data Vault is a powerful addition as they bring industry leading cloud-based data protection solutions that bolster our premier cybersecurity portfolio, top-notch employees, a strong Veeam partnership, and relentless focus on client success."
Steve Lewis, CEO of Dataprise
Founded in 2004, Global Data Vault is a recognized leader in the BaaS and DRaaS industry and holds the distinction of being a Platinum Veeam Cloud & Service Provider. Global Data Vault's mission is to protect organizations' critical data with modern data protection strategies to ensure business continuity and eliminate downtime. Headquartered in Dallas, TX, Global Data Vault protects hundreds of clients across the United States, Canada, and the United Kingdom.
"Our clients are facing new challenges driven by dramatic changes in the cybersecurity threat landscape and evolution of IT strategies including cloud adoption," said Anthony Galley, Chairman of Global Data Vault. "Dataprise has an enviable portfolio of cybersecurity, managed IT services, and cloud services that enhance the value of our modern data protection and DRaaS offerings. Together with Dataprise we are perfectly positioned to provide our clients even greater value."
"We're excited for the opportunity that joining Dataprise presents for our clients, employees and partners. We now have a much broader set of services, capabilities and resources all aimed at protecting client data and ensuring business continuity," said Will Baccich, CEO of Global Data Vault.
This marks Dataprise's second acquisition as the company executes on its strategy to build the broadest managed services portfolio and give clients one strategic IT partner to solve it all. The recent acquisition of Wireless Watchdogs added a comprehensive Mobility Managed Services (MMS) and Mobile Device Management (MDM) portfolio aimed at solving mobile device, Internet of Things (IoT) and endpoint management challenges.
Founded in 1995, Dataprise believes that technology should enable our clients to be the absolute best at what they do. This commitment to client success is why Dataprise is recognized as the premier strategic managed service and security partner to strategic CIOs and IT leaders across the United States. Dataprise delivers best-in-class managed cybersecurity, disaster recovery as a service (DRaaS), managed infrastructure and managed end-user services that transform business, enhance user experiences, and eliminate risks.
HITRUST | December 18, 2021
HITRUST today announced it is addressing the need for a continuously-relevant cybersecurity assessment that aligns and incorporates best practices and leverages the latest threat intelligence to maintain applicability with information security risks and emerging cyber threats, such as ransomware. The design and selection of the controls for the HITRUST Implemented 1-year (i1) Assessment puts it in a new class of information security assessment that is threat-adaptive – designed to maintain relevance over time as threats evolve and new risks emerge, while retiring controls no longer deemed material.
Most existing assessment approaches are not designed to keep pace with current and emerging threats; those that do, rely heavily on broad control requirements that raise questions about suitability of control and consistency of review that ultimately impact reliability of results. In contrast, HITRUST identifies information security controls relevant to mitigating known risks and leverages cyber threat intelligence data to influence the selection – and where necessary, updating – of technically-focused HITRUST CSF requirements included in the HITRUST i1 Assessment. As a result, the HITRUST i1 Assessment includes controls selected to address emerging cyber threats active today.
“The HITRUST i1 Assessment is unique in both selection of controls and the design of its assurance program. Effort towards completion is comparable to other moderate assurance vehicles while delivering a higher level of reliability,”
Jeremy Huval, HITRUST Chief Innovation Officer
The HITRUST i1 Assessment is the first information security assessment of its kind with attributes not available through other assurance programs:
Designed to maintain relevant control requirements to mitigate existing and emerging threats and provide updates as new threats are identified (It is threat-adaptive, prescriptive, and focused on controls relevant to risk)
Designed to sunset controls that have lost relevance and have limited assurance value based on effort required to comply or assess
Its unique controls selection and assurance program design deliver a higher level of reliability than other moderate assurance options
The level of time and effort to complete is comparable to other moderate assurance options in the market
Offers a forward-looking, 1-year certification
As the HITRUST i1 was designed around relevant information security risks and emerging cyber threats, it is not surprising it provides coverage for numerous standards, such as NIST 800-171, GLBA Safeguards Rule, HIPAA Security Rule, and Health Industry Cybersecurity Practices (HICP).
HITRUST will evaluate security controls and review threat intelligence data no less than quarterly, and for each subsequent major and minor release of the HITRUST CSF, to ensure the HITRUST i1 Assessment requirement selection remains relevant over time. Guidance documents will also drive enhancements to the HITRUST CSF and HITRUST i1 Assessment control sets as needed. While the HITRUST i1 Assessment is intended to adapt and evolve to maintain relevance, it’s important to note that HITRUST i1 Assessment certified organizations will not be impacted by changes to the HITRUST i1 Assessment control requirements until their next HITRUST assessment cycle.
HITRUST is hosting a webinar at 11 a.m. CT on Thursday, February 3, 2022, to discuss the HITRUST Implemented 1-year (i1) Assessment in more detail. To register, and for more information, click here: Next Generation HITRUST Information Security Assessment Focuses on Continuous Cyber Relevance
Since it was founded in 2007, HITRUST has championed programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security, and risk management leaders from the public and private sectors, HITRUST develops, maintains, and provides broad access to its widely adopted common risk and compliance management frameworks as well as related assessment and assurance methodologies.
HUB Security | December 17, 2021
HUB Security, a secure computing solutions provider, announced today its Docker Digital Twin product to better protect, authenticate, and verify traffic created by Docker, a highly used platform for package containment.
The HUB Security Docker Digital Twin enforces access control and provides governance processes, such as approvals for sensitive actions, on incoming Docker traffic. It blocks attack vectors involving the loss or theft of credentials, vulnerabilities, and unauthorized access.
Docker creates virtual containers (called packages) that allow applications and their dependencies to run seamlessly on any operating system. It is used by some 55% of professional developers daily and is the leading solution for cloud-based SaaS platforms. It is also ubiquitous in large enterprises, financial institutions, and public clouds, as well as defense equipment, servers, and data centers. Docker packages, because of their extensive use, are often the target of cyber security threats from hackers.
"We want to create a seamless experience for our customers when it comes to security,Our new system enables multi-layered security processes for the entire compute stack with Docker being part of it. The solution is also future proof, meaning clients can rest assured for years that their systems are safe and secured."
Andrey Iaremenko, HUB Security's CTO
The Docker Digital Twin solution will be incorporated into existing HUB Security technology without changing existing operational controls and services. The product's complete remote update capabilities will provide full support for any and all Docker versions and security capabilities.
About HUB Security
HUB Security was established in 2017 by veterans of the 8200 and 81 elite intelligence units of the Israeli Defense Forces. The company specializes in unique Cyber Security solutions protecting sensitive commercial and government information. The company debuted an advanced encrypted computing solution aimed at preventing hostile intrusions at the hardware level while introducing a novel set of data theft prevention solutions. HUB operates in over 30 countries and provides innovative cybersecurity computing appliances as well as a wide range of cybersecurity professional services worldwide.
Futurex | October 12, 2021
Futurex’s key management technology and Google Cloud EKM give customers more control over encryption keys to maximize data security, privacy, and compliance
BULVERDE, Texas, October 12, 2021 — Futurex, a leader in hardened, enterprise-class data security solutions, today announced support for Google Cloud External Key Manager (EKM), giving customers more control over encryption keys. Google Cloud EKM gives users full separation between their data and encryption keys, enabling users to create, store, and manage their encryption keys in a third-party key management service (KMS) — such as Futurex’s key management servers (KMES). Users can turn to Futurex KMES Series 3, a FIPS 140-2 Level 3-validated key management enterprise server, or Futurex's VirtuCrypt cloud service to handle all cryptographic key lifecycle management to maximize data security, privacy, and compliance.
“We continue to add security and flexibility for Google Cloud users, giving them full control of the location, distribution, and access of their externally-managed keys,” said Bahul Harikumar, Head of Infrastructure Security Partnerships at Google Cloud. “Google Cloud EKM and Futurex give users more security options and more control.”
Futurex’s robust key management platform is globally available and highly scalable, providing a versatile, external key service using fully-validated HSM and cloud technology. In addition to solutions for Google Cloud External Key Manager, Futurex’s KMES Series 3 offers:
Cloud key management
Public key infrastructure (PKI)
Certificate Authority (CA)
Integration with numerous 3rd-party applications and services
“Google Cloud’s commitment to encryption is evidenced by its support for external key management partners and we are thrilled to support Google Cloud EKM with our FIPS 140-2 Level 3-validated systems,” said Ryan Smith, vice president, global business development, at Futurex. “Futurex’s centralized encryption makes everything easier by fulfilling multiple key management use cases in a single platform.”
Futurex’s Google Cloud EKM can be deployed via Futurex on-premises key management servers, Futurex’s VirtuCrypt Cloud, or an on-premises/cloud hybrid. For more information on Futurex’s support for Google Cloud EKM, visit futurex.com. Google Cloud will be showcasing its Cloud EKM at its Google Cloud Next ‘21 conference, taking place October 12-14, 2021.
For more than 40 years, Futurex has been a trusted provider of hardened, enterprise-class data security solutions. More than 15,000 organizations worldwide, including financial services providers and corporate enterprises, have used Futurex’s innovative hardware security modules, key management servers, and enterprise-class cloud solutions to address their mission-critical systems, data security, and cryptographic needs. This includes the secure encryption, storage, transmission, and certification of sensitive data. For more information, please visit futurex.com.