Security system for trust of data in the cloud

Porticor introduced the latest release of its Virtual Private Data (VPD) system, which protects cloud data while stored and in use, delivering total security to cloud environments which previously were considered untrusted.

Porticor’s VPD system remains the industry’s only solution to fully protect data stored in public, private and hybrid clouds and deliver trust in the security of these environments. With today’s release, Porticor solves the remaining obstacle to trust in the cloud – protecting the encryption keys of data while they are being used.

With a lack of trust in the cloud, organizations are inhibited from fully leveraging the well-known business benefits the cloud has to offer. Traditional cloud security solutions put customers’ encryption keys in the possession of the security vendor or cloud provider, and fail to fully protect cloud data and its encryption keys while stored and in use.

“Potential cloud users worry about two things about information protection in the cloud – protecting it from other tenants and protecting it from the cloud provider,” said Neil MacDonald, VP and Gartner Fellow. “Encryption is one protection option; however, when the encryption keys are used, data is at risk at that point. A solution that works completely in the cloud, yet is able to keep the keys protected in memory would help reduce the scope of a possible breach entry point.”

Porticor’s patented Virtual Key Management service, with breakthrough split-key encryption technology uniquely keeps encryption keys in customer’s control, delivering a trusted cloud-based key management system for cloud data at rest. Now with homomorphic key encryption technology added to its solution, Porticor keeps the master encryption keys fully encrypted and secured even while being used to access cloud data. With a commercial application of homomorphic encryption technology, organizations can now fully trust that their cloud data is secure and cannot be compromised both while stored or being accessed.

Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, and do not resolve the issue of full security and trust in the cloud, Porticor’s split-key management system is the industry’s first cloud data protection service delivering true trust to the cloud by ensuring customer encryption keys are never exposed. Porticor is the only cloud data protection system that delivers data security across virtual disks, databases, distributed storage and file systems.

Furthermore, Porticor’s new homomorphic key-encryption approach is open to rigorous mathematical proof and cryptographic analysis under explicit and well-defined mathematical assumptions. Dr. Alon Rosen, a cryptography expert from the Herzliya Interdisciplinary Center, has independently completed a rigorous analysis, and proves the Porticor system is secure.

Homomorphic encryption is a technique that enables mathematical operations to be performed on encrypted data. Porticor’s patent-pending technology implements partially homomorphic encryption techniques for combining and splitting encryption keys. It enables the Porticor VPD system to give the application access to the data store without exposing the master keys in an unencrypted state. This also ensures that if a master key is stolen, it can still never be used to access a data store.

The Porticor VPD system is made up of the Porticor Virtual Appliance and the Porticor Virtual Key Management Service, delivering the industry’s highest level of data privacy in a public environment for data protection and compliance to regulations such as SOX, HIPAA, PCI DSS and GLBA, while also solving the issues raised by EU Data Protection and the U.S. Patriot Act. Porticor enables IaaS and PaaS cloud users to create a secured environment within minutes while completely eliminating the need to trust a security vendor or cloud provider with their encryption keys, solving the biggest challenge for data encryption in the cloud – protecting the cloud data encryption keys while stored and in use.

“With this release, Porticor enhances the high levels of trust it was already infusing into the cloud with our split-key method to now fully protect cloud data at rest and in use,” said Gilad Parann-Nissany, Porticor founder and CEO. “Now, organizations can trust their data to the cloud, knowing that their data encryption keys are kept private 100-percent of the time. Because the encryption keys are never exposed to risk, Porticor’s cloud data security system delivers the highest levels of data security available on premise or in the cloud.”