Welcome!

Cloud Expo Authors: Pat Romanski, Elizabeth White, Liz McMillan, Vincent Brasseur, Ignacio M. Llorente

Blog Feed Post

Porticor’s Latest Release Delivers Industry’s Only Security System for Full Trust and Confidentiality of Data in The Cloud

Mathematically Proven as Secure, Porticor Virtual Private Data System Offers Industry’s First Approach to Uniquely Protect Cloud Data while Stored and in Use

 

TEL AVIV, Israel – Oct. 30, 2012 – Porticor®, a leading cloud data security company delivering the only cloud-based data encryption solution that infuses trust into the cloud and keeps cloud data confidential, today introduced the latest release of its Porticor Virtual Private Data™ (Porticor VPD™) system, which fully protects cloud data while stored and in use, delivering total security to cloud environments which previously were considered untrusted.

Porticor’s VPD system remains the industry’s only solution to fully protect data stored in public, private and hybrid clouds and deliver trust in the security of these environments.  With today’s release, Porticor solves the remaining obstacle to trust in the cloud – protecting the encryption keys of data while they are being used.

With a lack of trust in the cloud, organizations are inhibited from fully leveraging the well-known business benefits the cloud has to offer.  Traditional cloud security solutions put customers’ encryption keys in the possession of the security vendor or cloud provider, and fail to fully protect cloud data and its encryption keys while stored and in use.  Now, organizations can benefit from the latest in cloud encryption technology from Porticor to leverage the benefits of the cloud, all with full confidence that their data will remain confidential, while maintaining compliance and the highest levels of cloud security.

“Potential cloud users worry about two things about information protection in the cloud – protecting it from other tenants and protecting it from the cloud provider,” said Neil MacDonald, VP and Gartner Fellow.  “Encryption is one protection option; however, when the encryption keys are used, data is at risk at that point.  A solution that works completely in the cloud, yet is able to keep the keys protected in memory would help reduce the scope of a possible breach entry point.”

Porticor’s patented Virtual Key Management service, with breakthrough split-key encryption technology uniquely keeps encryption keys in customer’s control, delivering a trusted cloud-based key management system for cloud data at rest.  Now with homomorphic key encryption technology added to its solution, Porticor keeps the master encryption keys fully encrypted and secured even while being used to access cloud data.  With the world’s first commercial application of homomorphic encryption technology, organizations can now fully trust that their cloud data is secure and cannot be compromised both while stored or being accessed.

Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, and do not resolve the issue of full security and trust in the cloud, Porticor’s split-key management system is the industry’s first cloud data protection service delivering true trust to the cloud by ensuring customer encryption keys are never exposed.  Porticor is the only cloud data protection system that delivers data security across virtual disks, databases, distributed storage and file systems.  Furthermore, Porticor’s new homomorphic key-encryption approach is open to rigorous mathematical proof and cryptographic analysis under explicit and well-defined mathematical assumptions.  Dr. Alon Rosen, a cryptography expert from the Herzliya Interdisciplinary Center, has independently completed a rigorous analysis, and proves the Porticor system is secure.  For more information on Dr. Rosen’s findings and for a free copy of his analysis and report, see http://www.porticor.com/hkm-analysis.

Homomorphic encryption is a technique that enables mathematical operations to be performed on encrypted data.  Porticor’s patent-pending technology implements partially homomorphic encryption techniques for combining and splitting encryption keys.  It enables the Porticor VPD system to give the application access to the data store without exposing the master keys in an unencrypted state.  This also ensures that if a master key is stolen, it can still never be used to access a data store.

“As part of our solution we often maintain sensitive compliance incident data from our enterprise customers’ public social media presence,” said Devin Redmond, Social iQ Networks CEO and Co-founder.  “Doing so on a cloud infrastructure required us to adopt a different cloud data security approach.  By deploying Porticor we are able to guarantee that our customers’ data is encrypted at all times.  But more importantly, using Porticor’s unique key-splitting and homomorphic key encryption technology, we know that no one but our customers have access to the encryption keys.”

The Porticor VPD system is made up of the Porticor Virtual Appliance and the Porticor Virtual Key Management Service, delivering the industry’s highest level of data privacy in a public environment for data protection and compliance to regulations such as SOX, HIPAA, PCI DSS and GLBA, while also solving the issues raised by EU Data Protection and the U.S. Patriot Act.  Porticor enables IaaS and PaaS cloud users to create a secured environment within minutes while completely eliminating the need to trust a security vendor or cloud provider with their encryption keys, solving the biggest challenge for data encryption in the cloud – protecting the cloud data encryption keys while stored and in use.

“With this release, Porticor enhances the high levels of trust it was already infusing into the cloud with our split-key method to now fully protect cloud data at rest and in use,” said Gilad Parann-Nissany, Porticor founder and CEO.  “Now, organizations can trust their data to the cloud, knowing that their data encryption keys are kept private 100-percent of the time.  Because the encryption keys are never exposed to risk, Porticor’s cloud data security system delivers the highest levels of data security available on premise or in the cloud.”

Pricing and Availability

The new release of Porticor VPD is available today directly from Porticor at http://www.porticor.com/pricing-plans/.  VPD is deployed in the cloud and managed from Porticor’s customer portal.  Pricing starts at $65 per month per Porticor Virtual Appliance.

About Porticor

Porticor is the leading cloud security company delivering easy-to-use and scalable security solutions for cloud data encryption and key management without sacrificing trust.  The Porticor Virtual Private Data (VPD) system is the industry’s first solution combining data encryption, patented split-key management and homomorphic encryption to protect critical data in public, private and hybrid cloud environments.  Within minutes, customers can encrypt their entire data layer with the proven AES 256-bit encryption algorithm.  Porticor is an official Amazon Web Services Solution provider, a VMware Technology Alliance Partner, and supports other clouds, and was the only cloud security semi-finalist in the AWS 2011 Startup Challenge.  The company is headquartered in Tel Aviv, Israel, and is venture backed by Glilot Capital.  For more information, visit: http://www.porticor.com/.

###

Porticor®, Porticor Virtual Private Data™, Porticor Virtual Key Management™, PVKM™ and Porticor VPD™ are trademarks of Porticor. Copyright© Porticor 2012. All other products and/or services referenced are trademarks of their respective companies.

The post Porticor’s Latest Release Delivers Industry’s Only Security System for Full Trust and Confidentiality of Data in The Cloud appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

@CloudExpo Stories
15th Cloud Expo, which took place Nov. 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA, expanded the conference content of @ThingsExpo, Big Data Expo, and DevOps Summit to include two developer events. IBM held a Bluemix Developer Playground on November 5 and ElasticBox held a Hackathon on November 6. Both events took place on the expo floor. The Bluemix Developer Playground, for developers of all levels, highlighted the ease of use of Bluemix, its services and functionalit...
One of the biggest challenges when developing connected devices is identifying user value and delivering it through successful user experiences. In his session at Internet of @ThingsExpo, Mike Kuniavsky, Principal Scientist, Innovation Services at PARC, described an IoT-specific approach to user experience design that combines approaches from interaction design, industrial design and service design to create experiences that go beyond simple connected gadgets to create lasting, multi-device exp...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
Want to enable self-service provisioning of application environments in minutes that mirror production? Can you automatically provide rich data with code-level detail back to the developers when issues occur in production? In his session at DevOps Summit, David Tesar, Microsoft Technical Evangelist on Microsoft Azure and DevOps, will discuss how to accomplish this and more utilizing technologies such as Microsoft Azure, Visual Studio online, and Application Insights in this demo-heavy session.
Enthusiasm for the Internet of Things has reached an all-time high. In 2013 alone, venture capitalists spent more than $1 billion dollars investing in the IoT space. With "smart" appliances and devices, IoT covers wearable smart devices, cloud services to hardware companies. Nest, a Google company, detects temperatures inside homes and automatically adjusts it by tracking its user's habit. These technologies are quickly developing and with it come challenges such as bridging infrastructure gaps,...
When an enterprise builds a hybrid IaaS cloud connecting its data center to one or more public clouds, security is often a major topic along with the other challenges involved. Security is closely intertwined with the networking choices made for the hybrid cloud. Traditional networking approaches for building a hybrid cloud try to kludge together the enterprise infrastructure with the public cloud. Consequently this approach requires risky, deep "surgery" including changes to firewalls, subnets...
DevOps is all about agility. However, you don't want to be on a high-speed bus to nowhere. The right DevOps approach controls velocity with a tight feedback loop that not only consists of operational data but also incorporates business context. With a business context in the decision making, the right business priorities are incorporated, which results in a higher value creation. In his session at DevOps Summit, Todd Rader, Solutions Architect at AppDynamics, discussed key monitoring techniques...
"Cloud consumption is something we envision at Solgenia. That is trying to let the cloud spread to the user as a consumption, as utility computing. We want to allow the people to just pay for what they use, not a subscription model," explained Ermanno Bonifazi, CEO & Founder of Solgenia, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things' get connected, people will rely on DNS to name and find their fridges, toasters and toilets. Acco...
"For the past 4 years we have been working mainly to export. For the last 3 or 4 years the main market was Russia. In the past year we have been working to expand our footprint in Europe and the United States," explained Andris Gailitis, CEO of DEAC, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
High-performing enterprise Software Quality Assurance (SQA) teams validate systems that are ready for use - getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time - bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of E...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happe...
The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrateg...
Cultural, regulatory, environmental, political and economic (CREPE) conditions over the past decade are creating cross-industry solution spaces that require processes and technologies from both the Internet of Things (IoT), and Data Management and Analytics (DMA). These solution spaces are evolving into Sensor Analytics Ecosystems (SAE) that represent significant new opportunities for organizations of all types. Public Utilities throughout the world, providing electricity, natural gas and water,...
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series dat...