In today’s data-driven world, the stakes are higher than ever. Cyber threats, compliance pressures, and the shift to globally distributed work setups as well as decentralized and heterogenous environments like multi-cloud and hybrid IT are the new norm.
That calls for enterprise data not only be available but impenetrably secured. For enterprises using HPE NonStop systems—renowned for their fault tolerance and reliability—security is not an afterthought; it’s foundational.
One of the key layers in this robust security strategy is Volume Level Encryption (VLE), which encrypts all data –at rest directly on HPE NonStop-connected storage. But encryption is only as strong as the management of the encryption keys. That’s where Utimaco’s Enterprise Secure Key Manager (ESKM) comes in. Together, they form an end-to-end data protection solution that’s scalable, compliant, and built for mission-critical workloads.
Why Encryption Matters More Than Ever
Data-at-rest encryption is non-negotiable for highest data security standards and compliance with global and industry standards such as PCI DSS, HIPAA, GDPR, and SOX. These mandates not only require encryption but demand demonstrable controls over key management and auditability. HPE NonStop VLE fulfills these mandates by providing a transparent encryption layer across disk and tape storage, and virtualized environments. It seamlessly integrates with existing NonStop infrastructures without requiring application changes—delivering encryption without compromising on performance or data availability.
But encryption alone isn’t enough.
Key Management: The Weakest Link Without ESKM
Every encryption system relies on one thing: the encryption keys. If keys are lost, stolen, or misused, the encrypted data is as good as being breached or irrecoverable.
That leads to crucial questions every organization must be able to have the rights answers to at any point in time: Are they stored securely and redundantly? Who has access to them? Are they manageable in a central way? Are they rotated in time? Are they audited?
Data breaches are costly. Compliance failures are even more costly. But data loss because of mismanaged encryption keys? That’s unforgivable.
This is where Utimaco’s ESKM shines.
“Keys are as valuable an asset as the data they protect and must be protected for the life of the data” notes the HPE NonStop VLE guide.
ESKM is keeping up with that by providing a holistic solution, helping businesses to maintain full control over their encryption keys across their HPE NonStop environments and beyond, without slowing down their pace while avoiding increased management effort and operational costs. . It addresses the critical questions of control, auditability, lifecycle management, and role-based access control in a centralized way while reliably protecting all keys throughout distributed environments, independent of their origin and point of use, whether it is cloud or on-premises keys.
How HPE NonStop + Utimaco ESKM Work Together
The integration between HPE NonStop VLE and Utimaco ESKM is both deep and elegant:
- Seamless Encryption Flow: As data flows through the HPE NonStop Storage CLIM, it is automatically encrypted using AES-256 algorithms such as XTS, CBC, and GCM. Utimaco ESKM provides the keys—on demand and securely.
- No Downtime, No Application Changes: VLE allows for live encryptionof volumes and supports online key rotation, enabling zero-downtime compliance. This is critical for always-on environments like financial services and telecom.
- Auditable and Policy-Driven: All encryption operations, including key rotation, are fully audited. Policies such as separation of duties and time-bound key access can be enforced via ESKM.
- Redundant and Resilient: ESKM supports multi-node clusters, including geographically distributed configurations, with automatic key replication and failover, ensuring that your key management is as fault-tolerant as your NonStop environment.
- Standardized and Secure: ESKM uses TLS for secure key transport, is FIPS 140-2 certified, and offers certificate-based client authentication, aligning with best-in-class security standards.
“HPE NonStop VLE takes advantage of these capabilities to bring you an enterprise-class key management capability fully integrated with HPE NonStop VLE”.
Beyond Disks and Tapes: Full-Stack Integration
HPE NonStop VLE with ESKM supports a wide range of storage:
- Internal SAS Disks – Fully encrypted at the volume level
- XP Disk Arrays – Encryption selectable at the LUN level
- LTO Tape Drives – Device- and media-level encryption
- BackBox VTC – Virtual tape encryption support
This broad compatibility ensures that regardless of how you store data in HPE NonStop environments, Utimaco ESKM can manage the keys that protect it.
Real-World Impact: A Safer, Simpler Security Posture
With HPE NonStop and ESKM enterprises can maintain highest uptimes for their business processes and services by securely protecting their most critical digital data and workloads such as payment cardholder data, intellectual property, confidential business records as well as online transaction or enterprise database processing from unauthorized access, loss, manipulation or breaches.
All in a secure, centralized, and compliant way.
Visit utimaco.com or HPE.com/info/nonstop to learn more.
Be the first to comment