Vormetric, a leader in enterprise data security for
physical, virtual, big data, public, private and hybrid cloud
environments, today announced the release of the Vormetric Cloud
Encryption Gateway. This new product extends Vormetric's award-winning
data security platform with protection for data in cloud storage
environments, helping enterprises secure sensitive data residing in
Amazon Web Services (AWS) Simple Storage Service (S3) and Box
environments with encryption, key management and access controls.
Enterprises have seen rapid growth in the use of cloud
storage solutions by individual users and business units, but typically
without the security controls required for regulated and sensitive data.
As a result, they often face the difficult decision to either block
access to these productivity boosting services, or to risk the exposure
of sensitive data through their use. This new Vormetric offering enables
organizations to offer secure and compliant Box and S3 services to
their employees and partners.
"Unstructured data has no permanent home. Depending on
the latest 'project du-jour' it can live in an on-premise data center, a
big data repository, and increasingly in the cloud within popular SaaS
apps or file synch-and-share (FSS) offerings like Box," said Garrett Bekker,
senior analyst in the information security practice at 451 Research.
"However, the cloud security marketplace is currently composed of mainly
point products that address only a few of these potential scenarios.
Vendors who can address a wide range of use cases and address both cloud
and on-premise repositories of unstructured data should be well
received by enterprise customers."
In the recent 2015 Vormetric Insider Threat Report – Cloud and Big Data Edition,
the risks of cloud storage environments were the number one Software as
a Service (SaaS) concern. 83 percent of U.S., and 72 percent of global
respondents were very or extremely concerned about the protection of
sensitive data within these environments.
With the Vormetric Cloud Encryption Gateway, data is encrypted before
it is saved to cloud storage, while encryption keys and access policies
are always under enterprise control. The solution consists of two major
components: the gateway provides encryption and policy enforcement, and
is paired with a Vormetric Data Security Manager (DSM) for encryption
key and policy management. Both are available as virtual appliances, and
the DSM may also be deployed as a FIPS 140-2 Level 2 or Level 3
certified hardware appliance. The combined solution removes the
possibility of encryption key or data compromise at the cloud storage
vendor location, while enabling security teams to establish the
visibility and control required to keep assets secure and meet
compliance requirements.
As a new extension of the Vormetric Data Security Platform, the
gateway also shares policy, administration and management infrastructure
with other Vormetric data security offerings – reducing enterprise
management, resource and implementation costs. Other Vormetric platform
offerings include transparent OS level file and volume encryption with
access controls, application encryption, tokenization with data masking
and third party encryption key management, as well as data access
monitoring and auditing capabilities.
Key features of the Vormetric Cloud Encryption Gateway include:
- On-premise key management. Local deployment of the gateway
and DSM separates encryption key storage and management from data,
assuring that data can't be compromised at the cloud storage provider or
compelled to be exposed by legal action without the enterprise's
knowledge.
- Transparent implementation. Easy deployment with no changes required to applications or user experience.
- Highly scalable. Match capacity to demand by adding and removing Cloud Encryption Gateway appliance instances.
- Robust, persistent controls. Sensitive data may be copied,
shared, used for collaboration and distributed while security teams
retain control of keys and access policies on their premises.
- Detailed visibility and auditability. Detailed visibility into data access, access attempts and usage supports compliance and forensic requirements.
- Intelligent risk detection. Automatically scans connected
cloud storage instances to discover unencrypted files that violate
security policies, and apply appropriate controls.
"Enterprise users love cloud file storage and sharing solutions, but
in using them often violate IT security and compliance rules. IT
organizations can take back control by offering users the services they
want, but in a way that meets enterprise security needs," said Derek Tumulak,
VP of product management for Vormetric. "At the same time, solutions
have to make good business sense. With this addition to the Vormetric
Data Security Platform, organizations can now solve more problems with a
single solution to manage protection of sensitive data across multiple
data-at-rest environments."
For more information, please visit http://www.vormetric.com/products/cloud-gateway.