Vendors tap into cloud security concerns with new encryption tools
Products let enterprises retain control over key management functions
Computerworld - A handful of vendors have begun rolling out new technologies designed to let companies take advantage of cloud computing environments without exposing sensitive data.
One of these vendors, CipherCloud, a Cupertino, Calif.-based start-up, on Thursday launched a virtual appliance technology that companies can use from within their premises to encrypt or to mask sensitive data before it hits the cloud platform.
Unlike the case with encryption services offered by cloud providers, CipherCloud's technology lets enterprises have complete control over the encryption and decryption process, said Pravin Kothari, CEO and founder of the company. The only set of encryption keys resides with the enterprise and not the cloud provider, ensuring that only authorized users can view the data, Kothari said.
CipherCloud's algorithm works in a way that encrypts data without fundamentally altering the data format or function, said Kothari, whose previous start-up was ArcSight , a company acquired by Hewlett-Packard last year for $1.5 billion.
CipherCloud's technology also supports a tokenization feature that replaces sensitive data entered into a cloud application with anonymous dummy values. The tokenization feature, like the encryption technology, lets companies mask sensitive data while ensuring that they still retain the ability to sort, search, validate and generate reports with it, according to Kothari.
CipherCloud's technology is designed to work with any cloud provider, although the launch version works only with Salesforce.com's cloud platform.
CipherCloud is not the only company offering such products. Another vendor offering a similar cloud encryption technology is Vormetric, which on Wednesday rolled out an encryption product for use within Amazon's Web Services platform. The Vormetric product also lets enterprises encrypt sensitive data that is stored in the cloud, while allowing them to retain full control over encryption key and policy management functions.
Voltage Security and Navajo Systems offer technologies that are similar in approach and function to CipherCloud's product. Like CipherCloud, Navajo has an offering for Salesforce.com's cloud computing platform.
Such technologies give companies an immediate way to protect data in their existing cloud applications, said Richard Stiennon, a security analyst at IT-Harvest. They also can help mitigate the data residency issues that can sometimes crop up when companies move data to the cloud, he said. Companies in certain industries for instance, can face restrictions when it comes to storing their data outside certain geographic borders. The data masking and cloud encryption tools that are becoming available today can offer a way around such issues, he said.
One example of an organization that plans on using such technology to get around data residency restrictions is the New Democratic Party (NDP) of Canada, which is a beta tester of the CipherCloud product. The NDP wanted to move its applications to Salesforce.com but was concerned about having its database of 24 million voters stored on Salesforce.com servers in the U.S.
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!