ENCRYPTION AND DATA REDUCTION:

LOVE OR HATE?

Horia Constantinescu - Regional Sales Manager SEE

hconstantinescu@purestorage.com

© 2019 PURE STORAGE INC.2

ZBs

CORE/EDGE/CLOUD

THINGS

REAL-TIME INTELLIGENCE

MACHINES

IT’S A WHOLE NEW WORLD OF DATA…

Almost half of revenue in enterprises is now being driven through digital.

47%

Of businesses say data is so valuable it should be an asset on the balance sheet.

67%

Agree AI will be a game-changer in the way we think about and process data.

83%

© 2019 PURE STORAGE INC.3

ACCELERATE ALL APPLICATIONSTIER 1APPS

DELIVER A "NEW FAST" FOR TIER 1

APPS

DRIVE HIGHER SCALE & EFFICIENCY FOR WEBSCALE APPS

WEBSCALE APPS

CONSOLIDATE ON ALL-FLASH

ANALYTICSTIER 2APPSVMs / CONTAINERS

>_NVMe-oF

SITE 2

ACTIVE/ACTIVE

MAKE ENTERPRISE BUSINESS

CONTINUITY EFFORTLESS

ACTIVECLUSTER

© 2019 PURE STORAGE INC.4© 2017 PURE STORAGE INC. CONFIDENTIAL DOCUMENT, DO NOT SHARE OR DISTRIBUTE.

THREE CORE PRINCIPLES

EFFORTLESS EVERGREEN

STORAGE ADMINISTRATION SHOULD BE A TASK, NOT A FULL

TIME JOB. NO MANDATED TRAINING

COURSE.

FULL-STACK AUTOMATION.MAKE HYBRID CLOUD A REALITY.

WE’RE WATCHING THE ARRAY FOR YOU, WE SEE THINGS BEFORE THEY HAPPEN. PREDICTIVE

SUPPORT.

BEST DATA REDUCTION IN THE BUSINESS. PROVEN. ALWAYS-ON.

DO WHAT YOU LIKE, WHEN YOU LIKE.

RUN MIXED WORKLOADS. PREDICTABLE & CONSISTENT

PERFORMANCE.

NO OUT-OF-HOURS WORK REQUIRED FOR ANY TYPE OF

MAINTENANCE OR CONFIGURATION.

BUY AN ARRAY ONCE, NEVER BUY ANOTHER ONE TO REPLACE

IT. EVER.

NEVER RE-BUY SOMETHING YOU ALREADY HAD.

NO HIDDEN COSTS, NO ENFORCED UPGRADES,

TRANSPARENT PRICING.

DESIGNED FOR THE FUTURE.

ALSO AVAILABLE “AS-A-SERVICE”, PAY-PER-GB USED

WELCOME TO YOUR DATA-CENTRIC ARCHITECTURE

EFFICIENT

© 2019 PURE STORAGE INC.5

5:110:12X BETTER DATA REDUCTION

AVERAGE DATA REDUCTION RATE (COMPRESSION + DEDUPLICATION ONLY)

POWERS BEST IN CLASS POWER, COOLING, AND FOOTPRINT EFFICIENCY

AVERAGE TOTAL REDUCTION (COMPRESSION + DEDUPLICATION + THIN

PROVISIONING)

© 2019 PURE STORAGE INC.6

Historically host data encryption and array data reduction are like oil and

water – they simply don’t mix.

© 2019 PURE STORAGE INC.7

IDC research published in the 2019Thales Data Threat Report-GlobalEdition states that 60% oforganizations have incurred at leastone data breach and 30%experienced their most recent breachwithin the past 12 months.

© 2019 PURE STORAGE INC.8

• A recent audit of Baltimore's ITdepartment found that the agencylost important data during thisyear's ransomware attack due topoor storage practices.

• As a result, data that wassupposed to aid in the analysis offour performance measures —metrics meant to determine if theagency was meeting its goals inan efficient and cost-effectivemanner — could not be accountedfor throughout the 2017-18 fiscalyears, according to the report.

© 2019 PURE STORAGE INC.9

STORAGE COSTS OF ENCRYPTED DATA

• Simplest metric: $/GB• What GB?

• Encrypting data to meet compliance requirements andprotect your business, increases the cost of storage.

• D@RE – data at rest – usually additional cost (free withPure)

• Host / application based encryption• Additional cost for CPU cycles• Additional cost for encryption license• Additional cost for storage – all flash advantages canceled

© 2019 PURE STORAGE INC.10

© 2019 PURE STORAGE INC.11

END-TO-END DATA ENCRYPTION WITH DATA REDUCTION

Vormetric Transparent Encryption can overcome the data reduction or security compromise with Pure Storage.

© 2019 PURE STORAGE INC.12

1.The Vormetric File System agent is installed on a LINUX host2.The host checks out an encryption key from the Vormetric Data Security Manager (DSM)3.The FlashArray registers as a KMIP client with the DSM and checks out the host encryption key4.The host writes encrypted data to the FlashArray5.The FlashArray decrypts the data using the host key, reduces it, and re-encrypts it with the FlashArray key before writing it to flash.The un-encryption of data with the host key is an added step introduced with the integration.6.When the host reads the data, the FlashArray decrypts the data using the FlashArray key and re-encrypts with the host key prior to sending thedata to the host. The re-encryption of data is an added step introduced with the integration.

© 2019 PURE STORAGE INC.13

https://blog.purestorage.com/end-to-end-data-encryption-with-data-reduction-from-thales-pure-storage/

https://go.thalesesecurity.com/rs/480-LWA-970/images/pure-storage-and-thales-esecurity-sb.pdf

https://go.thalesesecurity.com/rs/480-LWA-970/images/2019-DTR-Global-USL-Web.pdf

RESOURCES