Risk

2/13/2018
10:20 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

RackTop Systems, Seagate Team Up to Help Governments with Data Storage Security and Compliance

The two companies launch their first joint product, the Secure Data Protection Platform (SDP2), a data management solution with encryption.

FULTON, Md. & CUPERTINO, Calif. – February 13, 2018 –– RackTop Systems, a leading provider of high-performance Software-Defined Storage embedded with advanced security, encryption and compliance, today announced its strategic partnership with Seagate Technology plc (NASDAQ: STX), a world leader in data storage solutions, with the immediate availability of their joint product, the Secure Data Protection Platform (SDP2). Engineered to solve key cyber security and compliance issues facing governments, SDP2 is a high-performance, simple, drop-in data storage solution to solving NIST 800-171 and the European Union’s General Data Protection Regulation (GDPR) security and compliance requirements.  

The two companies are undertaking this new partnership to create data security solutions that meet evolving risk management standards. SDP2 combines RackTop’s high-performance Software-Defined Storage platform with Seagate’s BAA-/TAA-compliant FIPS 140-2 disk drives and enclosures, as well as FIPS-compliant, automated encryption key management. It immediately satisfies the 18 data-related controls of NIST 800-171. It also meets NIST 800-88 and FIPS 140-2 requirements for protecting non-classified information, is certified to ISO 28001 for supply chain security assurance, and meets the GDPR for security and compliance.

SDP2 goes over and above traditional Network-Attached Storage in both physical and virtual environments with a simplified, unified and secure data management solution with encryption, orchestration, versioning, replication, retention and disposition capabilities. Supporting SMB, NFS, AFP, and iSCSI network file sharing protocols, SDP2 encrypts all data with no impact to its high-performance storage and is designed for use as file shares, storage for virtual machines, DevOps, databases and large data repositories.

“Seagate Government Solutions is pleased to partner with RackTop to create exceptional data security solutions to meet rising risk management standards,” said Mike Moritzkat, vice president and general manager, Seagate Government Solutions. “The Secure Development Protection Platform – or SDP2 – is the first of many products Seagate is delivering to meet increasingly-stringent data security regulations in both the U.S. and EU.”

SDP2’s embedded advanced cybersecurity features include policy driven data protection, automatic ransomware protection, auditing and reporting, and Key Management Interoperability Protocol (KMIP) support. It scales easily from a few terabytes to multiple petabytes, satisfying both small or remote offices, as well as large data center implementations.

“RackTop is thrilled to partner with Seagate,” said Eric Bednash, CEO and co-founder of RackTop Systems. “By unifying our cyberconverged data storage software with Seagate’s FIPS certified hardware, SDP2 replaces traditional fragmented capabilities with a unified, secure, easy-to-manage platform that ensures compliance.”

SDP2 is available to the public sector through Carahsoft. For more information, visithttp://www.racktopsystems.com/sdp2.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ChristopherJames
50%
50%
ChristopherJames,
User Rank: Moderator
9/12/2018 | 3:03:52 AM
hi
The government needs to employ only those that have been in the industry for quite some time with ample amount of experience to help them with security concerns. Only the best in the field can ensure that no security slip-ups can occur and how to tackle the environment from various angles. The different perspectives are the ones to prepare them for possible scenarios that can easily arise during invasions. They need to already have counter measures set in place before an issue even occurs.
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He just showed up at my doorstep one day without a geotag."
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.