Welcome!

Blog Feed Post

Porticor’s Safe-Deposit Box Strategy Balances Data Control And Security In The Cloud

Posted by Robert Mullins, February 16, 2012

Data at rest has long been protected by technology called public key infrastructure (PKI), in which data is encrypted when it’s created by a public key, and only decrypted by the authorized person holding the private key. But data protection is complicated in cloud environments.

According to a new report,InformationWeek’s “Data Encryption: Ushering In a New Era”, cloud and mobility are adding new challenges to security. “The problem of mobility and cloud is it forces policies, processes and encryption technologies to have to scale to an outside device, organization, and too many more use cases,” says Michael Davis, CEO of Savid Technologies and author of the report. “This usually means the governance/audit team isn’t ready, the security team gets bogged down in details related to deployment, but in the end we don’t see users impacted too much by encryption in these spaces as the technology is usually transparent.”

A number of firms are developing technologies to address one of the top security concerns of companies considering a cloud deployment. One such company, Israeli-based Porticor, is coming out with an encryption tool that secures data managed by public cloud service providers and by companies that deliver private cloud platforms to enterprise customers. The founder and CEO says their approach to data security in the cloud is based on the concept of the safe deposit box people use to securely store valuables in a bank.

“A safe deposit box in a bank has two keys, one for the customer and the other for the banker,” says Gilad Parann-Nissany. The customer can’t open the box without the banker’s key and the banker can’t open the box without the customer’s key.

In the cloud environment, Porticor’s solution gives one key to the customer — in this case the customer who subscribes to a public cloud infrastructure as a service (IaaS) provider, or to a company that operates a private cloud for a customer under the platform as a service (PaaS) model. The provider, or “banker,” has a unique key for each application that the customer runs in the public or private cloud environment, he explains.

The safe deposit box analogy is not new in data encryption, says Scott Crawford, managing research director at Enterprise Management Associates, but he believes Porticor’s approach to protecting data in third-party-hosted resources is unique. “It is targeted to help solve the problem of balancing control over data security with reliable key management that has challenged many other approaches up to now,” he says.

But Porticor is not alone in trying to deliver a cloud data security solution. He identifies CipherCloud as a company offering a data security gateway designed specifically for cloud environments, as does Navajo Systems, a company acquired by Salesforce.com in August 2011. There are also a number of vendors that address both on-premise and cloud data security through various approaches including Vormetric, Gazzang and Voltage Security.

Porticor’s Virtual Private Data System offering is two-fold: the Porticor Virtual Appliance/Agent; and the Porticor Virtual Key Management Service. The appliance encrypts the customer’s entire data layer using the AES 256-bit encryption algorithm; pricing starts at $27.50 per month per appliance. The key management service uses the company’ patent-pending key-splitting technology to create the customer and banker keys.

The offering gives customers the security of knowing they maintain control over their data when they entrust it to the cloud, and offloads the responsibility for protecting that data from the cloud providers to Porticor. “For the first time, what we allow our customers to do here is to basically maintain privacy within a public environment. We have eliminated the dilemma of where do we store the key,” says co-founder Ariel Dan.

Porticor was founded in 2010 and its veteran start-up team spent time at SAP, Check Point Software Technologies, Websense and PortAuthority. The company is in the midst of finalizing partnerships with one major IaaS public cloud service provider and another major PaaS private cloud provider — both U.S.-based — but wasn’t ready to disclose their identities.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

Latest Stories
The Internet giants are fully embracing AI. All the services they offer to their customers are aimed at drawing a map of the world with the data they get. The AIs from these companies are used to build disruptive approaches that cannot be used by established enterprises, which are threatened by these disruptions. However, most leaders underestimate the effect this will have on their businesses. In his session at 21st Cloud Expo, Rene Buest, Director Market Research & Technology Evangelism at Ara...
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), provided an overview of various initiatives to certify the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldwide re...
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. "DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability," said Aruna Ravichandran, vice president, DevOps product and solutions marketing...
"Loom is applying artificial intelligence and machine learning into the entire log analysis process, from start to finish and at the end you will get a human touch,” explained Sabo Taylor Diab, Vice President, Marketing at Loom Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...
"We are a monitoring company. We work with Salesforce, BBC, and quite a few other big logos. We basically provide monitoring for them, structure for their cloud services and we fit into the DevOps world" explained David Gildeh, Co-founder and CEO of Outlyer, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 21st Int\ernational Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their ...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...