Gazzang, the big data security experts, today at AWS Summit 2014 announced the availability of a set of preconfigured Amazon Machine Images (AMI) on the Amazon Web Services (AWS) platform that allow users to launch fully encrypted cloud instances from the AWS Management Console. The new Gazzang CloudEncrypt solutions were developed to help organizations securely move sensitive workloads into the cloud and grow their environments as business demands warrant.
"Security should be as agile and elastic as the cloud itself,” said Rich Mogull, analyst and CEO at Securosis. “Your security tools need to account for the highly dynamic nature of the cloud, where servers might pop up automatically and run for only an hour before disappearing forever.
“We are taking a unique approach to cloud security by using encryption, key management and access controls to ensure the integrity of the image and protect the data itself,” said Sam Heywood, vice president of products and marketing at Gazzang. “And because the cloud isn’t static, we designed the solutions to take on the traits of the cloud they’re protecting. That means the CloudEncrypt AMIs can scale to meet business needs and are flexible enough to work across multiple cloud applications.”
The following products are now available worldwide from Gazzang:
Gazzang CloudEncrypt for Amazon EC2
AWS customers can launch a secure Ubuntu image and select from a variety of databases including MongoDB Enterprise Edition, MySQL and PostgreSQL (with Apache Hadoop and Cassandra coming soon). Each image contains the exact same security configurations at boot time to make it easier for a user to spin up new instances and add them to the existing cluster. Preconfigured security includes the following:
- High-performance transparent data-at-rest encryption and key management to secure configuration and log files, directories and Amazon Elastic Block Storage (Amazon EBS) volumes
- Access controls and Linux firewall settings preset to allow only certain approved processes to access encrypted data
- HIPAA-compliant SSH login
- Java API’s that enable users to encrypt and decrypt data moving into and out of Amazon Simple Storage Service (Amazon S3) and Amazon Glacier
- Settings that require HTTPS, close unused ports, shut down unnecessary services and delete data on virtual machine termination
Gazzang CloudEncrypt for AWS Elastic Beanstalk
Each new application deployed with Gazzang CloudEncrypt for AWS Elastic Beanstalk will be wrapped with Gazzang security applied automatically.
Gazzang CloudEncrypt for StarCluster
Gazzang is bringing its unique approach to cloud security to enable organizations to deploy secure, large-scale compute clusters on Amazon EC2 using StarCluster. Now research organizations can run sensitive workloads - including ones in HIPAA scope - in the public cloud. In addition to the security features resident in Gazzang CloudEncrypt for Amazon EC2, CloudEncrypt for StarCluster includes master node encryption, slave node encryption and GlusterFS encrypted secure share.
“We are excited to see Gazzang expand their CloudEncrypt product offering to further complement AWS’ enterprise security capabilities, making it easier for customers to confidently deploy mission critical applications on AWS,” said Terry Wise, Director of Worldwide Partner Ecosystem, Amazon Web Services, Inc.
Last year, Gazzang launched CloudEncrypt for Amazon Elastic MapReduce (EMR), which provides data encryption and key management at every stage of the Amazon EMR data lifecycle.