Trapwire Enhances Its Security Posture With Vormetric
Founded in the wake of the September 11th, 2001 attacks on the U.S., TRAPWIRE puts data analysis to work to keep the country safe. Paul Chadha, director of products and technology, explained, “We build and deploy software systems and provide associated services to protect critical infrastructure and personnel. Our platform provides a comprehensive threat detection capability enabling a network of otherwise disparate organizations to identify and share threat information in real-time. Within our system, we enable the user base to have access into a security grid where everyone is working together in a fully encrypted, secure manner, while retaining complete control over their own data. We’ve modernized, streamlined and exponentially enhanced threat detection, analysis and information sharing.”
The TRAPWIRE system provides tools that enable users to make sense of the amassed security-related information that organizations collect. It aggregates the data in a standardized format to reveal patterns and threat indicators that help clients to prevent terrorist attacks and other criminal activity. Chadha noted, “TRAPWIRE is an agile, software-as-a-service, in-the-cloud security solution.
“We have subject matter experts in the areas of surveillance, surveillance detection and attack planning who have defined the activity and patterns that typically occur prior to a criminal act. We use their knowledge to develop our algorithms and systematically analyze the activities and events our customers are reporting. We’re able to tell them, for example, which events are indicative of a surveillance cell planning a malicious activity. The TRAPWIRE system continuously analyzes reporting from all of our clients to help identify correlations between seemingly unrelated events. With each report containing many hundred individual elements, it generates a significant amount of data.”
“The protection and security of our customer data is top priority,” Chadha stated. “Our customer base is extremely diverse and includes federal, state and local law enforcement, Department of Defense, as well as private-sector clients. The nature of the information with which we are entrusted makes it imperative that we have the highest possible standards of security across all data states.”
Stephen Coffman, chief software architect explained, “TRAPWIRE grew by two orders of magnitude from when we first designed and implemented the original encryption application. In order to continue our trajectory, it became critical for us to transition to a best-in-class commercial solution that could scale and provide us with the necessary levels of protection.”
One of TRAPWIRE’s key differentiators is the speed of its pattern analysis and correlation: To be deemed a viable contender for consideration it was critical that an encryption solution did not impede data manipulation. Coffman elaborated, “We use a service-oriented architecture that makes it pretty straight-forward to add a new API or a new application for any customer. Anything we create just talks to the back-end services that perform all the business logic, so it’s important to have an efficient interface between layers and not have to worry about encrypting and decrypting data at each boundary ourselves.”
Chadha noted, “Because of the number of recommendations we received, Vormetric was our favored solution. We performed a detailed analysis of the capabilities and functionality of Vormetric Transparent Encryption and made the decision to invest and deploy it.
“We implemented key manager capabilities and encryption across the entire environment simultaneously without having to go through any extensive training. We especially liked Vormetric’s ‘learn mode’: The application familiarized itself with our environment and asked us to approve or deny the individual service and process combinations that it encountered. When we were ready to go live it was as simple as just flipping the switch.”
To guarantee a smooth launch, the company enlisted the help of Vormetric Professional Services for the initial configuration. “The process was extremely positive – the team was always accommodating and very flexible,” recalled Coffman.
In addition to its capabilities to secure data at rest and ease of implementing role separation, Vormetric impressed the TRAPWIRE team in other ways: “With most other encryption platforms an authenticated user always has access to data in clear text.” Chadha stated. “A big differentiator with Vormetric is that we can restrict access to specific processes and even the context under which they are running. If a system administrator can’t access data in an understandable format, neither can a threat actor.”
Coffman commented, “Our agile architecture gives us the ability to build applications on the fly and get them quickly integrated into the overall solution. Vormetric Transparent Encryption perfectly accommodates this approach. It also enables us to analyze large volumes of data in real-time and can easily scale to support the company’s dramatic growth.”
“Our mission is to enhance the security posture of our clients by integrating the most advanced capabilities into our platform,” Chadha concluded. “Vormetric’s flexibility enables us to implement the best-in-class technologies we need to achieve this, and gives us the confidence that the data is always secure. TRAPWIRE’s goal is to make the world a safer place, and Vormetric is helping us get there.”