Latest Thales e-Security News

  • Thales leads the way with high assurance data protection at Infosecurity Europe 2013

    Cloud data protection, enterprise key management, mobile commerce, secure communications and cyber assurance

    April 17,2013

    Thales, leader in information systems and communications security, will be showcasing its line of high assurance data protection, mobile payments and cyber security solutions at this year’s Infosecurity Europe, 23-25 April, 2013.

    Strong encryption and key management are cornerstones of today’s IT infrastructures, visit stand F30 where Thales will be demonstrating its latest solutions for:

    Cloud data protection

    Strong encryption and key management are recognized as the most secure and effective way of protecting data and that applies equally to the cloud as in it does the enterprise. In order for organizations to take up cloud services and migrate sensitive and high-value data to virtualized and cloud deployments, they need a high assurance, reliable key management solution that allows them to retain control of their keys, and therefore their data. The Thales portfolio protects critical data assets throughout their lifecycle – when in storage, passing over communications networks and while in use by business applications – all of which are vital aspects of a cloud security strategy. Thales is releasing the 2nd edition of its annual research report – Encryption in the Cloud. The study, produced in conjunction with the Ponemon Institute, is based on a survey of more than 4,000 business and IT managers from around the world regarding the use of encryption in the cloud.

    Enterprise class key management

    Thales will be demonstrating its recently launched keyAuthority 4.0 high assurance enterprise-class key management solution. The industry’s most comprehensive hardened key manager provides full support for Key Management Interoperability Protocol (KMIP), developed by the OASIS standards body. KMIP will be a critical enabler of broad enterprise key management that can span numerous encryption use cases and cryptographic applications.

    Mobile commerce

    The payments world is undergoing major disruption with innovations at the point of sale (POS) such as contactless card, mobile payments and mobile point of sale (mPOS). The emergence of alternative payment providers such as PayPal, Google and Square challenging banks and traditional payment acquirers; and investment in improved fraud detection such EMV card, mobile authentication technology and new approaches to reduce the burden of compliance further impacts the market environment.

    Thales is a world-class expert in secure transaction solutions for payments including payment processing,EMV issuance, mobile provisioning, mobile payments and PCI DSS compliance – see how our products and services secure payments in both the new and traditional payments worlds.

    Secure communications

    There is an ever increasing need for higher speed communications at the same time as concern is growing over security of data in transit. Additionally secure communications in government and defence comes under specific regulation with strict certification for classified networks. Thales understands this environment and has decades of experience working with national technical authorities and regulatory bodies. The Thales Datacryptor family of programmable network encryptors carries many national and international certifications, offering that special combination of high-speed network encryption for virtually any network type and flexibility to satisfy diverse regulatory environments.

    Cyber security and assurance

    The risk of cyber attack has increased significantly in the past 20 years. Cyber threats come in many forms and can have a significant impact on your business ranging from denial of service to significant brand damage through loss of information. Thales’ consultancy-led approach is defined by a new compliance standard and supports delivery of CESG accredited cyber security solutions. This allows customers to manage their cyber risk exposure at a level of rigour and cost appropriate to their organisation, enabling prioritisation of cyber activities and cost-effective cyber risk reduction.


    Visit Thales at stand F30, Infosecurity Europe, Earls Court, London, 23-25 April 2013.

    For industry insight and views on the latest payment security and authentication trends check out our blog www.thales-esecurity.com/blogs

  • Thales showcases payment innovations at CARTES 2013 Las Vegas

    Mobile payments, EMV and PCI DSS drive payment security innovations

    April 15,2013

    Thales, leader in information systems and communications security, will be showcasing its line of high assurance data protection and payments security solutions at this year’s Cartes America, Las Vegas, April 23-25, 2013.

    The payments world is undergoing major disruption with innovations at the point of sale (POS) such as contactless card, mobile payments and mobile point of sale (mPOS). The emergence of alternative payment providers such as PayPal, Google and Square challenging banks and traditional payment acquirers and investment in improved fraud detection such as EMV cards, mobile authentication technology and new approaches to reduce the burden of compliance, further impacts the market environment.

    Thales is a world-class expert in secure transaction solutions for payments including payment processing, EMV issuance, mobile provisioning, mobile payments and PCI DSS compliance. Visit Thales on booth #128 to see how our products and services secure payments in both the new and traditional payments worlds.

    Thales is presenting the following conference sessions at Cartes America:

    Who Will Win in the Era of Mobile Payments – April 23, 2013 2:30pm PT
    Ian Hermon, Payments Security Manager, Thales e-Security and Zilvinas Bareisis, Senior Analyst Banking, Celent.

    What are the new initiatives in mobile payments and what are the security challenges these pose?

    PCI DSS, Account Data and Non-Proliferation – April 24, 2013 10:00am PT
    Jose Diaz, Director Technical and Strategic Business Development, Thales e-Security

    Jose Diaz will discuss how the concept of scope is fundamental to PCI DSS compliance and provide real-world advice on how to manage and reduce scope, ensuring that compliance is not only possible, but cost-effective.

    Visit Thales at booth #128, Cartes America 2013, The Mirage, Las Vegas, April 23-25, 2013.

    For industry insight and views on the latest payment security and authentication trends check out our blog www.thales-esecurity.com/blogs


  • Thales Datacryptor Recognized as Best Encryption Solution in Info Security Products Guide 2013 Global Excellence Awards

    February 28,2013

    Thales, leader in information systems and communications security, announces that Info Security Products Guide, the industry’s leading information security research and advisory guide, has named the Thales Datacryptor line of network encryption solutions Gold Winner of the 2013 Global Excellence Awards in the Best Encryption category. The prestigious global excellence awards recognize Thales as a global leader in the security industry with advanced, ground-breaking products and solutions.

    More than 50 judges from a broad spectrum of industry voices around the world participated and their average scores determined the 2013 Global Excellence Awards Finalists and Winners. Winners were announced during an awards dinner and presentation on February 27, 2013 in San Francisco attended by finalists, judges and industry peers.

    The Thales Datacryptor network encryption product family has provided network security to enterprise and government organizations for more than 20 years. Datacryptor solutions provide secure, efficient, and scalable data transport for a variety of Layer 2 point-to-point and multipoint applications as well as Layer 3 IP. These tamper-resistant devices protect data confidentiality using the strongest commercial and government encryption algorithms with sophisticated key lifecycle management and storage techniques, while offering significantly lower latency than software encryption capabilities embedded in common network devices such as switches and routers. Datacryptor solutions make it possible for organizations to utilize the most cost-effective data transport medium available, while also meeting or exceeding business and regulatory requirements for data privacy and confidentiality. Specifically designed to ease maintenance and minimize cost of ownership, Datacryptor products are certified to the highest levels, including FIPS, Common Criteria, the UK government CAPS (CESG Assisted Products Service) standards, NATO and the U.S. Defense Information Systems Agency’s Unified Capabilities Approved Products List (DISA UC APL).

    Cindy Provin, president, Thales e-Security, Inc., says:
    “Encryption is taking center stage as a critical part of an organization’s IT security strategy, in order to mitigate the risk of data breaches and cyber-attacks and to protect an organization’s brand reputation, as disclosed in our latest 2012 Global Encryption Trends Study conducted by the Ponemon Institute. We are proud to be recognized as an industry leader with the Thales Datacryptor solution winning the Best Encryption Gold Award in the Info Security Products Guide Global Excellence Awards. Thales has been at the forefront of security technology for more than 40 years and this recognition further demonstrates our commitment to delivering innovative and high quality security solutions that enable our customers to protect their most valuable assets and business processes.”

    For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs

    About Info Security Products Guide
    Info Security Products Guide sponsors leading conferences and expos worldwide and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measure they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies

  • Thales and Entrust Partner to Deliver High Levels of Assurance for Identity Management, Encryption and Public Key Infrastructure Solutions

    Under a commercial relationship Entrust to resell Thales nShield HSMs to complement its enterprise and managed service offerings

    February 26,2013

    Thales, leader in information systems and communications security, and Entrust Inc., a pioneer and global leader in public-key infrastructure (PKI) technology, announce a strategic partnership to deliver easy to deploy, high-assurance encryption and key management solutions for customers worldwide, whether they are securing their enterprise or protecting information in the cloud.

    Organizations today are demanding robust, high-assurance solutions to ensure the security of their critical information and defend against an evolving threat landscape. To address these challenges, Thales and Entrust have partnered to deliver award-winning, cost-effective solutions to defend against sophisticated online and internal threats, increase efficiency and comply with domestic and international regulations. Boasting an Entrust Ready Designation, Thales offerings are tested and proven to be interoperable with Entrust solutions and will be re-sold by Entrust to complement both its enterprise and managed service offerings.


    News facts:

      • The global partnership delivers innovative offerings for PKI, key management and user authentication to help address sophisticated security challenges with solutions that provide multiple safeguards to protect information and identities against new and evolving threats.

      • Hardware Security Modules (HSMs) are widely accepted as a best practice for protecting cryptographic keys and for performing encryption and digital signing. Entrust customers will benefit from the availability of Thales nShield HSMs as part of Entrust’s managed PKI service package.

      • Organizations are increasingly expanding HSM usage with PKIs in response to today’s higher assurance requirements and to support newer certificate issuance requirements, for example for device certificates as part of Bring Your Own Device (BYOD) initiatives.

      • Thales nShield FIPS 140-2 Level 3 certified HSMs deliver the industry’s most operationally efficient high assurance key management framework.

      • The combined solutions, available from Entrust, are scalable to be delivered on premise, hosted or cloud-based to meet customers’ specific business requirements.

    Supporting quotes:

    Bill Conner, president and CEO, Entrust says:

    “Thales is a pioneer in data protection. Its certified HSMs combined with our leading identity-based security solutions, yield a best-in-class solution for securing key assets. This partnership will enable us to provide our customers with industry leading solutions that enable the deployment flexibility for both enterprise and managed or cloud models.”

    Cindy Provin, president, Thales e-Security Inc. says:

    “Having worked with Entrust to deliver market leading, proven solutions to our combined customers for many years, we are excited to extend our collaboration to meet the growing demand for integrated solutions that address evolving security threats and today’s changing business needs. With the confidence that our offerings meet Entrust Ready designation requirements, our global relationship is delivering solutions that will undoubtedly exceed our customers’ expectations and serve to enable a wide range of business initiatives including mobility and cloud computing.”


  • Thales Delivers Comprehensive Enterprise Key Management Capabilities with keyAuthority 4.0

    Hardened key manager sets new standard for widely interoperable key management with high levels of assurance using OASIS KMIP

    February 25,2013

    Thales, leader in information systems and communications security, announces keyAuthority 4.0, the industry’s most comprehensive hardened key manager, providing full support for Key Management Interoperability Protocol (KMIP) version 1.1. Developed by the OASIS standards body, KMIP will be a critical enabler of broad enterprise key management that can span numerous encryption use cases and cryptographic applications.

    Enterprises today understand the importance of cryptography to ensure the security of critical data – both on premise and in the cloud. However this creates a significant key management challenge, particularly as the number of applications and devices, often from different vendors, increases. To combat complexity, unnecessary operational costs and to ease compliance, valuable operational efficiencies can be gained by centralizing and automating key management. The value of separating key management tasks from the applications that use the keys is further increased in virtualized and cloud environments, where organizations can retain in-house control of keys and still take advantage of cloud-based encryption and data storage. KMIP is the first widely accepted industry standard for key management allowing organizations to gain these benefits while applying consistent controls and security policies.

    News facts:

      • With KMIP 1.1 protocol support, enterprises are now able to expand the numbers and types of encryption applications supported under a single, unified key management system to achieve consistent security policy, simplified administration, auditing/reporting and economies of scale.

      • With the broad industry acceptance of KMIP, customers can deploy key management solutions to solve immediate needs with the confidence that they can be extended to support future use cases with minimal impact. keyAuthority 4.0 provides KMIP-enabled interoperability for encryption-enabled products from leading vendors including Brocade, NetApp and Quantum.

      • keyAuthority 4.0 offers the broadest and most complete support for KMIP 1.1, combined with market-proven enterprise capabilities such as the automation of key lifecycle management controls, high scalability, redundancy, support for multi-tenant environments and sophisticated administrative role separation and key segregation.

      • Delivered in a tamper-resistant and tamper-evident hardware platform certified to the stringent FIPS 140-2 Level 3 standard, keyAuthority 4.0 offers long-term reliable protection of keys on behalf of an organization’s most critical applications and sensitive data.

    Rich Mogull, analyst and CEO, Securosis, says:
    “Increasing privacy concerns, regulations, use of distributed and cloud computing, and even BYOD, are all driving increased use of encryption in more diverse organizations than we have seen before. Sometimes the encryption implementations do a fine job of handling encryption keys themselves, but we see plenty of use cases and specific implementations where it makes far more sense to shift to an external key manager.” (Understanding and Selecting a Key Management Solution, Securosis, February 2013).

    Jack Rondoni, Sr. Director, Product Management, Brocade Data Center SAN, says:
    “The ability to protect as well as dependably recover encryption keys used to secure confidential information is absolutely essential, making the selection of key management solutions a critical component of the encryption system. Brocade enterprise-class data-at-rest encryption platforms with its KMIP-compliant key management client are tightly integrated with keyAuthority to ensure reliability and operational transparency throughout the key management lifecycle. Together, Brocade and Thales enable enterprise and cloud service provider data centers to deploy a comprehensive data encryption strategy with a single point of management for all encryption services.”

    Eric Bassier, Director, Product Marketing, Quantum Corporation, says:
    “Security of digital data is critical to all of our customers, that is why Quantum continues to partner with companies like Thales to support the KMIP standard and give customers the flexibility to choose the right solution for their business. The keyAuthority high-performance appliance, combined with KMIP 1.1 support, provides a reliable and extensible approach for customers seeking a standards-based solution to key lifecycle management.”

    Laurent Liscia, OASIS Executive Director and CEO, says:
    “KMIP is widely acknowledged to be the key management interoperability solution. Its success is a testimony to the hard work and commitment of Thales and the other members of the OASIS KMIP Technical Committee. We applaud Thales for its role in advancing KMIP 1.1 and look forward to its continued contributions on behalf of open standards."

    Richard Moulds, vice president strategy, Thales e-Security, says:
    “keyAuthority is deployed in some of the most demanding environments, including financial services and government, where high levels of assurance and reliability are critical. Building on our history of developing trusted hardware security modules (HSMs) and key management solutions, and our experience as one of the founders and thought leaders behind KMIP, Thales is ideally positioned to satisfy partner and customer requirements for key management systems that can ultimately support the entire organization.”

    keyAuthority 4.0 will be available in Q2 2013.  See demonstrations of keyAuthority at the RSA Conference, February 25 – March 1, 2013 in both the Thales booth #517 and the OASIS KMIP interoperability showcase booth #3012.  

    For industry insight and views on the latest key management trends check out our blogs www.thales-esecurity.com/blogs

  • Thales and Ponemon Institute study shows encryption and key management increasingly viewed as strategic issues

    February 25,2013

    Thales, leader in information systems and communications security, announces the publication of its latest Global Encryption Trends Study. The report, based on independent research by the Ponemon Institute and sponsored by Thales, reveals that encryption continues to be viewed as a strategic issue and that organizations are increasing their investment in encryption across the enterprise in response to compliance regulations and cyber-attacks.

    More than 4,000 business and IT managers were surveyed in the US, UK, Germany, France, Australia, Japan and Brazil, examining global encryption trends and regional differences in encryption usage. The report is now in its eighth year since its launch in 2005.

    The results of the study show there has been a steady increase in the deployment of encryption solutions used by organizations over the past eight years. The percentage of overall IT security spending dedicated to encryption has also increased, almost doubling from 10% to 18%, demonstrating that organizations are prioritizing encryption over other security technologies.

    Encryption continues to be viewed as a strategic issue with business leaders rather than IT or security professionals gaining greater influence over their organization’s encryption strategy. For the first time business managers in the United States became the more influential group in setting the encryption strategy, demonstrating that encryption is no longer seen as just an IT issue but one that affects an entire organization.

    Perceptions about the most significant threats to the exposure of sensitive or confidential data are employee mistakes, forced disclosures triggered by e-discovery requests and system or process malfunctions. Combined, these concerns over inadvertent exposure outweigh concerns over actual malicious attacks by more than 2:1.

    The top data protection priorities focus on identity and access management, data discovery, protecting data in use within business applications and protecting data in outsourced or cloud environments. The importance of protecting data in cloud environments rose significantly from last year’s survey ranking fourth in priority – up from 12th.

    When it comes to buying criteria, performance is always the top concern. The next largest issue is key management with 38% of respondents saying they have a formal key management strategy. To support that strategy, the new Key Management Interoperability Protocol (KMIP) standard that allows organizations to deploy centralized key management systems that span multiple use cases and equipment vendors, has already established a relatively high level of awareness among IT and IT security practitioners. KMIP is perceived to be of increasing importance and is expected to contribute to encryption and key management strategies specifically around cloud, storage and application-centric deployments.

    Hardware security modules (HSMs) are increasingly considered a critical component of a key management strategy. These devices are used to protect critical data processing activities and can be used to strongly enforce security polices and access controls.

    Dr Larry Ponemon, chairman and founder of The Ponemon Institute, says:
    “Encryption usage has emerged as a clear indicator of a strong security posture with organizations that deploy encryption being more aware of threats to sensitive and confidential information and making a greater investment in IT security. Regardless of an organization’s situation, it is clear that encryption and key management are becoming more widely deployed. For the first time this year our study shows that more organisations say they have an encryption strategy than not – another clear indication that encryption is now seen as a strategic issue.”

    Richard Moulds, vice president strategy at Thales e-Security says:
    “Encryption is taking center stage as a strategic IT security issue, in order to mitigate the risk of data breaches and cyber-attacks and to protect an organization’s brand, reputation and credibility. However, key management remains a challenge that can rapidly escalate as the use of encryption and other uses of cryptography expand. The report highlights how organizations are responding and shows a 25% increase in spending on key management solutions as a proportion of encryption budgets. Thales high assurance encryption and key management solutions help our customers address this challenge by reducing risk, supporting business continuity and demonstrating compliance enabling them to pursue their data protection goals with greater confidence.”

    Thales and the Ponemon Institute discuss the results of the new Global Encryption Trends Study, Wednesday, February 27, 2013 at “W” San Francisco Hotel 12noon – 1.30pm. Click here to register (this is a registration only event) or download the report here

    Visit Thales at booth #517, RSA Conference, Moscone Center, San Francisco, February 25-March 1, 2013.

    See demonstrations of Thales keyAuthority in the OASIS KMIP interoperability showcase booth #3012.

    For industry insight and view on the latest key management trends check out our blog at www.thales-esecurity.com/blog


    About the Ponemon Institute
    The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.

MORE PRESS RELEASES