|By Gilad Parann-Nissany||
|March 8, 2012 03:00 PM EST||
|Porticor is the leader in cloud security, delivering secure, easy to use, scalable solutions for data encryption and key management. Porticor enables companies of all sizes to keep their data safe, comply with regulatory standards, and streamline operations.Founded in 2010 by experts in security, cloud computing and cryptography, Porticor protects critical data in public, private and hybrid clouds. Within minutes, customers can encrypt their entire data layer using proven encryption algorithms. Porticor VPD™ is built for homomorphic split-key encryption, a breakthrough technology offering the convenience of cloud-based key management without sacrificing trust.In the following interview, Gilad Parann-Nissany, Chief Execeutive Officer of Porticor Cloud Security, discusses 1:1 with Rake Narang, Editor-in-Chief of Info Security Products Guide, the future for cloud security and why enterprises will be willing to outsource their security requirements.
Rake Narang, Editor-in-Chief: What are the top 5 issues you hear from customers regarding cloud security?
Gilad Parann-Nissany: Customers we talk to are pretty consistent, usually raising these data security concerns:
There is a strong industry consensus that security, along with regulatory compliance, is the #1 barrier to adoption of cloud computing. Underlining these concerns is the need to establish trust – an organization can outsource its storage or its compute resources, but it cannot outsource confidentiality!
At the same time, companies are attracted to cloud computing for its advantages: flexibility, elasticity and the pay-as-you-go economic model. Customers in the cloud can bring up servers and storage in minutes, and they expect a security solution to provide the same high degree of automation and management.
Customers cannot accept a tradeoff between security and flexibility. They expect the security vendor to deliver the best of both worlds – a strong data security solution which does not compromise the cloud values of flexibility and elasticity. This is not an easy task.
What’s required is a solution to “all of the above”: up in minutes; pay as you go; using the strongest proven encryption algorithms; and ensuring auditability and regulatory compliance.
The needed breakthrough should mean customers’ data is always encrypted, and the master encryption keys are themselves encrypted, even when in use. Key splitting and homomorphic technologies are the secret sauce that can solve this challenge. And this creates trust.
|About Gilad Parann-NissanyA pioneer of Cloud Computing, Gilad has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business), contributed to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st – a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Data Security.|
|Rake Narang: What’s the future for cloud security? Why will enterprises be willing to outsource their security requirements?Gilad Parann-Nissany: At the highest level, the message of the cloud is freedom to focus on organizational core strengths and outsource non-core activities like purchasing servers and deployment. In the same way, it makes sense to outsource security.Nevertheless, achieving data security in the cloud is a difficult challenge. It’s a little like having your cake and eating it; Enterprises want trust and outsourcing at the same time.
We are seeing great investment by cloud providers and security vendors, and the direction is promising. In some ways, because it allows better management and flexible control of resources, cloud computing can be more secure than traditional IT. This was recently recognized by the NSA director and U.S. Cyber Command commander, Gen. Keith Alexander.
In other ways, fundamental breakthroughs in technology are still needed. We see these coming from the fields of key-splitting technology and homomorphic encryption. If these are properly implemented, they allow you to be in the cloud without losing control, because sensitive data or keys are encryptedeven when in use in the cloud, which means cloud providers cannot know them, and even security vendors never know them.
This is the kind of breakthrough that enables trust. Your “security cake” remains whole, and you still enjoy your slice of pay-as-you-go.
So the future of the cloud security industry is rosy, because it is precisely on trend: enterprises will want to outsource complexity to experts who can deliver breakthroughs, while maintaining the confidentiality of information.
Rake Narang: So focusing on cloud security, when is it possible to use classic solutions and where is it necessary to implement new solutions?
Gilad Parann-Nissany: Cloud computing is not one technology; it is the confluence of many advances in virtualization, service enablement, operations, commoditization and industrialized environments. Many well-known technologies from previous innovation rounds – continue to work in the cloud.
This is just as true in the security market, where technologies like firewalls, virtual private networks or data leak prevention – remain very relevant. With these, the right strategy for Enterprises may be evolution: this often involves taking an existing approach, deploying it in the cloud, and then – crucially – wrapping it in an API (application program interface) so that it can be automated in the cloud’s industrialized environment.
But some areas do require new solutions.
The community has provided useful results for hypervisor security, and the best cloud providers do a great job of physical security. Yet new technologies, such as split-key management and homomorphic encryption, have a critical role to play. This will, for the first time, enable enterprises to outsource the complexity while keeping control and confidentiality.
|Company: Porticor Cloud Security
Tel Aviv, IsraelFounded in: 2010
CEO: Gilad Parann-Nissany
Products and Services: Porticor® Virtual Private Data™ systemCompany’s Goals: Enable trusted cloud computing, especially by securing data at rest, for companies of all sizes. We do this by providing, for the first time, an encryption and key management system that does not expose customer data or keys to cloud or security providers, while offering the highest degree of security, the quickest and most cost-effective operations, and excellent performance.
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
Aug. 3, 2015 12:30 PM EDT Reads: 190
Container technology is sending shock waves through the world of cloud computing. Heralded as the 'next big thing,' containers provide software owners a consistent way to package their software and dependencies while infrastructure operators benefit from a standard way to deploy and run them. Containers present new challenges for tracking usage due to their dynamic nature. They can also be deployed to bare metal, virtual machines and various cloud platforms. How do software owners track the usag...
Aug. 3, 2015 12:15 PM EDT Reads: 259
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
Aug. 3, 2015 11:48 AM EDT
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
Aug. 3, 2015 11:45 AM EDT Reads: 203
Mobile, social, Big Data, and cloud have fundamentally changed the way we live. “Anytime, anywhere” access to data and information is no longer a luxury; it’s a requirement, in both our personal and professional lives. For IT organizations, this means pressure has never been greater to deliver meaningful services to the business and customers.
Aug. 3, 2015 10:45 AM EDT Reads: 229
SYS-CON Events announced today that MobiDev, a software development company, will exhibit at the 17th International Cloud Expo®, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software development company with representative offices in Atlanta (US), Sheffield (UK) and Würzburg (Germany); and development centers in Ukraine. Since 2009 it has grown from a small group of passionate engineers and business managers to a full-scale mobi...
Aug. 3, 2015 09:45 AM EDT Reads: 359
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Aug. 3, 2015 07:30 AM EDT Reads: 184
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Aug. 2, 2015 10:00 PM EDT Reads: 681
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Aug. 2, 2015 06:00 PM EDT Reads: 1,133
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Aug. 2, 2015 05:45 PM EDT Reads: 516
Chuck Piluso presented a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. Prior to Secure Infrastructure and Services, Mr. Piluso founded North American Telecommunication Corporation, a facilities-based Competitive Local Exchange Carrier licensed by the Public Service Commission in 10 states, serving as the company's chairman and president from 1997 to 2000. Between 1990 and 1997, Mr. Piluso served as chairman & founder of International Te...
Aug. 2, 2015 04:00 PM EDT Reads: 430
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Aug. 2, 2015 03:00 PM EDT Reads: 554
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
Aug. 2, 2015 11:45 AM EDT Reads: 482
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducte...
Aug. 2, 2015 11:15 AM EDT Reads: 359
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
Aug. 2, 2015 09:00 AM EDT Reads: 1,699