Skip the navigation

Vendors tap into cloud security concerns with new encryption tools

Products let enterprises retain control over key management functions

February 10, 2011 06:00 AM ET

Computerworld - A handful of vendors have begun rolling out new technologies designed to let companies take advantage of cloud computing environments without exposing sensitive data.

One of these vendors, CipherCloud, a Cupertino, Calif.-based start-up, on Thursday launched a virtual appliance technology that companies can use from within their premises to encrypt or to mask sensitive data before it hits the cloud platform.

Unlike the case with encryption services offered by cloud providers, CipherCloud's technology lets enterprises have complete control over the encryption and decryption process, said Pravin Kothari, CEO and founder of the company. The only set of encryption keys resides with the enterprise and not the cloud provider, ensuring that only authorized users can view the data, Kothari said.

CipherCloud's algorithm works in a way that encrypts data without fundamentally altering the data format or function, said Kothari, whose previous start-up was ArcSight , a company acquired by Hewlett-Packard last year for $1.5 billion.

CipherCloud's technology also supports a tokenization feature that replaces sensitive data entered into a cloud application with anonymous dummy values. The tokenization feature, like the encryption technology, lets companies mask sensitive data while ensuring that they still retain the ability to sort, search, validate and generate reports with it, according to Kothari.

CipherCloud's technology is designed to work with any cloud provider, although the launch version works only with Salesforce.com's cloud platform.

CipherCloud is not the only company offering such products. Another vendor offering a similar cloud encryption technology is Vormetric, which on Wednesday rolled out an encryption product for use within Amazon's Web Services platform. The Vormetric product also lets enterprises encrypt sensitive data that is stored in the cloud, while allowing them to retain full control over encryption key and policy management functions.

Voltage Security and Navajo Systems offer technologies that are similar in approach and function to CipherCloud's product. Like CipherCloud, Navajo has an offering for Salesforce.com's cloud computing platform.

Such technologies give companies an immediate way to protect data in their existing cloud applications, said Richard Stiennon, a security analyst at IT-Harvest. They also can help mitigate the data residency issues that can sometimes crop up when companies move data to the cloud, he said. Companies in certain industries for instance, can face restrictions when it comes to storing their data outside certain geographic borders. The data masking and cloud encryption tools that are becoming available today can offer a way around such issues, he said.

One example of an organization that plans on using such technology to get around data residency restrictions is the New Democratic Party (NDP) of Canada, which is a beta tester of the CipherCloud product. The NDP wanted to move its applications to Salesforce.com but was concerned about having its database of 24 million voters stored on Salesforce.com servers in the U.S.



Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!