Guest Post by Nathan Turajski, Data Security
Cybercrime, mobile data access, cloud services, and other realities of doing business in a connected world make securing sensitive data more complex—and more critical—than ever. A well-rounded enterprise security plan includes strong storage encryption. When data-at-rest is encrypted, the audit risks of policy compliance, financial losses from a breach, and damage to your business reputation are reduced.
The Micro Focus Security team has been working full speed ahead, helping ensure your Enterprise Secure Key Manager (ESKM) appliances stay up to date and trusted, given the modern threat environment and evolving security requirements. Just announced as generally available is ESKM 5.0.6 with software v7.0.6. Managing encryption keys is a challenging but important aspect of any information security plan. Our ESKM provides operational simplicity and high assurance return on investment for local and remote key management protection.
In this latest update, we have addressed several key issues, including updates to further protect against memory leak risk, improved cluster performance, and enhanced HDD failure reporting. And notably for new features, we support stronger KMS TLS cipher suites to allow more choice for Secure Encryption Gen10 customers and provide SSH algorithm configuration options to allow customers to only enable the algorithms they want to use. Key Query has been improved for better performance as well.
Notable updates include the following:
- Improved cluster performance
- Selective backup option for KMIP objects
- Enhanced HDD failure reporting
- Support for stronger KMS cipher suites with the KMS server now supporting the following additional cipher suites:
- TLS 1.2 for cluster communication
- SSH algorithm configuration options
- Configuration option for maximum SSH Admin login attempts
- Upgraded OpenSSH
- Support 3072‐bit certificate creation
- Support for mandatory KMIP 1.4 attributes
- Bug Fixes
- KMS server memory leak
- Key Query by Creation Date
- Help page searching
Especially with newly emerging threats such as Meltdown/Spectre, it’s important to stay up-to-date on routine software maintenance. We recently published a blog on the merits of using custom security appliances for improved trust assurance, such as the Atalla HSM and ESKM hardware, because of the added protection of their closed environments. Full release notes and further information can be made available by contacting Micro Focus Support and/or visiting your support portal for firmware download.