Welcome!

@CloudExpo Authors: Pat Romanski, Liz McMillan, Elizabeth White, Miska Kaipiainen, Ed Featherston

Blog Feed Post

Interview with Gilad Parann-Nissany of Porticor

 logo virtual Interview with Gilad Parann Nissany of Porticor

 

 

(Originally posted by Virtual Strategy Magazine here)

VSM: It’s been a while since we’ve spoken, not since Q1 around Porticor’s company and initial product launch. What has the company been up to?

GPN: Thank you for asking. Porticor has been growing on the customer and partner front, and working hard on product innovations, which is why we are talking today. Since our launch we have signed key partnerships, including with Amazon Web Services, VMware, and HP. Customers and the industry continue to validate our solution, and Porticor this year has won some significant industry honors, including being named as the Most Innovative Company of the Year by the Stevie Awards Program.

VSM: And you have a new major release with the Porticor Virtual Private Data security solution? Can you tell us about it?

GPN: Yes, we have extended the functionality of the Porticor Virtual Data system to now protect and keep confidential the encryption keys while they are in use, further protecting data in virtual and cloud environments. As a result, we are helping to assure organizations that they can trust their virtual and cloud data to be safe.

VSM: How is this different than what Porticor previously released to protect organizations’ private data stored in virtual and cloud environments?

GPN: Porticor’s new release protects the encryption keys while in use, and previously the solution protected only data at rest. Specifically, the earlier solution introduced the industry to our patented split-key encryption technology, which protects data encryption keys while they are stored (at rest) by keeping the keys safely in the hands of the customer, not the security vendor or cloud service provider. We have now added the additional security assurance to protect the encryption keys even while in use.

VSM: What are the new use cases that can now be achieved securely in the cloud, and why?

GPN: With this new solution, there are many new private cloud and public cloud use case applications that open up. For example, a virtual bank service that must segregate and encrypt users’ data can now fully benefit from a virtual environment using this solution. Using Porticor, the ISV can now provide a secured virtual bank service while using a public cloud infrastructure. The ISV does not trust anyone but itself with the encryption keys and provides trust and control to its end users, while knowing the most sensitive data – its encryption keys – are secured while at rest and while in use.

VSM: Aren’t there current solutions already available addressing these issues?

GPN: No solution available keeps data encryption keys securely in the hands of the customer; and specific to Porticor’s new release, no solution available protects encryption keys while they are in use to fully secure virtual and cloud data. This is because of an innovation Porticor has rolled out which is the industry’s first commercial use of a highly technical mathematical algorithm called partially-homomorphic encryption technology.

VSM: Can you describe homomorphic technology, and how it’s used to protect virtual and cloud data?

GPN: Homomorphic encryption is a technique that enables mathematical operations to be performed on encrypted data. Porticor’s patent-pending technology implements partially homomorphic encryption techniques for combining and splitting encryption keys. It enables the Porticor VPD system to give the application access to the virtual and cloud data store without exposing the keys in an unencrypted state. This also ensures that if a master key is stolen, it can still never be used to break the entire virtual and cloud data store.

VSM: What is different about your solution? Why is this important?

GPN: Porticor’s system is the industry’s first data protection service delivering true trust to virtual and cloud environments by ensuring customer encryption keys are never exposed, either at rest (stored) or in use. Porticor is also the only data protection system that delivers data security across virtual disks, databases, distributed storage and file systems. This is important because Porticor solves the remaining obstacle to trust in the cloud – protecting the entire data store while keeping the encryption keys secure at all times.

VSM: What are some of the other benefits of this new technology?

GPN: With a lack of trust in the cloud, organizations are inhibited from fully leveraging the well-known business benefits the cloud has to offer. Now, organizations can benefit from the latest in cloud encryption technology from Porticor to leverage the benefits of the cloud, all with full confidence that their data will remain confidential, while maintaining compliance and the highest levels of cloud security. Being fully secure, Porticor also helps organizations meet compliance requirements for regulations such as SOX, HIPAA, PCI DSS, GLBA, EU Data Protection and the US Patriot Act, in these virtual and cloud environments.

VSM: What can we expect to see from Porticor in 2013?

GPN: Porticor’s unique technologies are essentially a “root of trust” for private and public cloud users. During 2013 we expect to continue strong growth with customers in industries like Finance, Health, Insurance, Media and Manufacturing. This allows them to adopt private and public clouds while being defended against a significant variety of threats.

VSM: It’s been great chatting with you today. Anything else you’d like to share about the state of virtualized data protection or the new Porticor solution?

GPN: This is the first commercial application of this type of homomorphic key encryption technique, and I know that many are unfamiliar with it. Porticor’s approach is unique in that it is open to rigorous mathematical proof and cryptographic analysis under explicit and well defined assumptions. For example, Dr. Alon Rosen, a Cryptography expert from the School of Computer Science at the Herzliya Interdisciplnary Center, has independently performed rigorous analysis, resulting in a proof that the approach and its associated protocols “securely realize the intended functionality.”

The post Interview with Gilad Parann-Nissany of Porticor appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

@CloudExpo Stories
WebRTC adoption has generated a wave of creative uses of communications and collaboration through websites, sales apps, customer care and business applications. As WebRTC has become more mainstream it has evolved to use cases beyond the original peer-to-peer case, which has led to a repeating requirement for interoperability with existing infrastructures. In his session at @ThingsExpo, Graham Holt, Executive Vice President of Daitan Group, will cover implementation examples that have enabled ea...
IoT offers a value of almost $4 trillion to the manufacturing industry through platforms that can improve margins, optimize operations & drive high performance work teams. By using IoT technologies as a foundation, manufacturing customers are integrating worker safety with manufacturing systems, driving deep collaboration and utilizing analytics to exponentially increased per-unit margins. However, as Benoit Lheureux, the VP for Research at Gartner points out, “IoT project implementers often ...
SYS-CON Events announced today that Tintri Inc., a leading producer of VM-aware storage (VAS) for virtualization and cloud environments, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Tintri VM-aware storage is the simplest for virtualized applications and cloud. Organizations including GE, Toyota, United Healthcare, NASA and 6 of the Fortune 15 have said “No to LUNs.” With Tintri they mana...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, will compare the Jevons Paradox to modern-day enterprise IT, e...
SYS-CON Events announced today the Enterprise IoT Bootcamp, being held November 1-2, 2016, in conjunction with 19th Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA. Combined with real-world scenarios and use cases, the Enterprise IoT Bootcamp is not just based on presentations but with hands-on demos and detailed walkthroughs. We will introduce you to a variety of real world use cases prototyped using Arduino, Raspberry Pi, BeagleBone, Spark, and Intel Edison. Y...
Complete Internet of Things (IoT) embedded device security is not just about the device but involves the entire product’s identity, data and control integrity, and services traversing the cloud. A device can no longer be looked at as an island; it is a part of a system. In fact, given the cross-domain interactions enabled by IoT it could be a part of many systems. Also, depending on where the device is deployed, for example, in the office building versus a factory floor or oil field, security ha...
Is your aging software platform suffering from technical debt while the market changes and demands new solutions at a faster clip? It’s a bold move, but you might consider walking away from your core platform and starting fresh. ReadyTalk did exactly that. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue and over a decade of audio conferencing product development to start an innovati...
Fifty billion connected devices and still no winning protocols standards. HTTP, WebSockets, MQTT, and CoAP seem to be leading in the IoT protocol race at the moment but many more protocols are getting introduced on a regular basis. Each protocol has its pros and cons depending on the nature of the communications. Does there really need to be only one protocol to rule them all? Of course not. In his session at @ThingsExpo, Chris Matthieu, co-founder and CTO of Octoblu, walk you through how Oct...
SYS-CON Events announced today that Bsquare has been named “Silver Sponsor” of SYS-CON's @ThingsExpo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. For more than two decades, Bsquare has helped its customers extract business value from a broad array of physical assets by making them intelligent, connecting them, and using the data they generate to optimize business processes.
Whether they’re located in a public, private, or hybrid cloud environment, cloud technologies are constantly evolving. While the innovation is exciting, the end mission of delivering business value and rapidly producing incremental product features is paramount. In his session at @DevOpsSummit at 19th Cloud Expo, Kiran Chitturi, CTO Architect at Sungard AS, will discuss DevOps culture, its evolution of frameworks and technologies, and how it is achieving maturity. He will also cover various st...
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, Bradley Holt, Developer Advocate a...
SYS-CON Events announced today that Niagara Networks will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
SYS-CON Events announced today that Secure Channels will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The bedrock of Secure Channels Technology is a uniquely modified and enhanced process based on superencipherment. Superencipherment is the process of encrypting an already encrypted message one or more times, either using the same or a different algorithm.
If you’re responsible for an application that depends on the data or functionality of various IoT endpoints – either sensors or devices – your brand reputation depends on the security, reliability, and compliance of its many integrated parts. If your application fails to deliver the expected business results, your customers and partners won't care if that failure stems from the code you developed or from a component that you integrated. What can you do to ensure that the endpoints work as expect...
So, you bought into the current machine learning craze and went on to collect millions/billions of records from this promising new data source. Now, what do you do with them? Too often, the abundance of data quickly turns into an abundance of problems. How do you extract that "magic essence" from your data without falling into the common pitfalls? In her session at @ThingsExpo, Natalia Ponomareva, Software Engineer at Google, provided tips on how to be successful in large scale machine learning...
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
If you had a chance to enter on the ground level of the largest e-commerce market in the world – would you? China is the world’s most populated country with the second largest economy and the world’s fastest growing market. It is estimated that by 2018 the Chinese market will be reaching over $30 billion in gaming revenue alone. Admittedly for a foreign company, doing business in China can be challenging. Often changing laws, administrative regulations and the often inscrutable Chinese Interne...
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...