On October 6, application delivery vendor Appcito announced the addition of one-click provisioning of security rules for applications that run on the Amazon Web Services cloud. Appcito’s CAFÉ platform features load balancing, application security and application-related analytics via an application delivery architecture marked by limitless scalability. Appcito’s announcement of the ability to deploy security rules for their AWS applications by means of one click streamlines and simplifies the deployment of security rules and parameters. Customers can choose from a pre-defined library of security rules for popular frameworks such as WordPress, Joomla and SharePoint. Appcito’s pre-defined library of security rules empowers customers to deploy the appropriate security configuration for their application without extensive experimentation and testing. Moreover, Appcito updates rules daily to ensure their efficacy against the latest and greatest security threats. The security platform includes a web application firewall, Layer 4 Network Protection, Layer 7 DDoS, IP blacklisting and Bot protection. In addition to protection against security threats, the Appcito platform provides security analytics that allow users to customize their security rules and algorithms. The uniqueness of this week’s announcement, however, consists in Appcito’s ability to provision security rules with one click from a pre-defined library of security templates. Given the bewildering heterogeneity of cloud application security offerings in the contemporary software security landscape, the Appcito platform differentiates by way of its ability to simplify the process of adding security to cloud-based applications while concurrently offering customers a trove of rich analytics that they can mine to customize their deployment to respond to specific security threats and exigencies as illustrated below:
Protegrity today announced a partnership with incentive compensation vendor Xactly that allows Xactly customers to benefit from Protegrity’s suite of cloud security products and services. Protegrity’s Cloud Gateway uses tokenization or encryption to protect customer data before it traverses a SaaS, cloud-based infrastructure. The Protegrity solution bolsters the security of SaaS applications by delivering enhanced data protection based on encryption, tokenization and cloud monitoring functionality. The solution also features an enterprise-grade key management solution that provides a comprehensive and automated approach to storing encryption keys while ensuring that the key tokens reside outside the purview of the cloud within a safe but readily accessible location. Today’s announcement means that Protegrity adds Gartner leader in the 2015 Magic Quadrant for Sales Performance Management, Xactly, to a list of supported SaaS platforms that includes Box and Salesforce. Meanwhile, Xactly stands to benefit from giving its customers the assurance that its platform for delivering HR-based incentive compensation frameworks complies with rigorous and battle-tested standards for cloud security. The larger significance of the Protegrity Cloud Gateway consists in its ability to empower organizations with sensitive data to build SaaS applications that can achieve compliance with protocols such as HIPAA and HITECH, PCI and others. The partnership between Protegrity and Xactly illustrates the intensity of the desire for cloud security solutions on one hand, and the corresponding market response from vendors such as Protegrity to deliver turnkey cloud security products that deliver the requisite security needs in conjunction with the operational simplicity and scalability demanded by contemporary enterprise customers. Expect Protegrity to continue expanding its roster of SaaS partnerships as SaaS applications that utilize sensitive data proliferate and require correspondingly robust cloud security frameworks.
CipherCloud recently announced an expansion of its strategy for protecting cloud-based data by revealing details of a product that extends the capabilities of its data discovery solution on salesforce.com’s AppExchange, announced in November. This week’s announcement renders its pre-existing data discovery functionality available to any cloud platform and additionally highlights the “protect” and “monitor” components of its cloud security strategy. Rather than handing organizations a generic cloud security platform, CipherCloud delivers a solution that allows customers to tailor the types of security monitoring to the specificities of its business operations and organizational culture by providing analysts with a user friendly interface for detecting anomalous behavior. The innovation enabled by CipherCloud’s data discovery functionality is that companies can customize the alerts and warning messages regarding breaches of security to their data stacks, technology platforms and usage patterns. Data discovery, however, represents only one part of CipherCloud’s cloud protection strategy as illustrated below:
The other components of CipherCloud’s platform include protection in the form of AES-256 bit encryption, proprietary data loss prevention technology, key management and anti-malware technology and ongoing monitoring of the health of the infrastructure in question. Importantly, CipherCloud delivers searchable strong encryption using natural language searches. CipherCloud’s searchable strong encryption enables users to search encrypted data using wildcards, boolean searches and natural language without additional, cumbersome deployments of applications or databases. As illustrated above, CipherCloud’s “Discover, Protection, Monitor” solution can accommodate a vast variety of cloud infrastructures and protect data stored in public, hybrid and private cloud environments. The key differentiator, however, is its data discovery capabilities and ability to empower customers to complement its encryption functionality with advanced analytics for retrospective and prospective detection of security threats.
Big Data management vendor Zettaset recently announced the availability of encryption functionality in Zettaset Orchestrator, its Hadoop management platform. Zettaset Orchestrator v5 automates Hadoop installation, enables high availability on Hadoop deployments and streamlines the configuration and operational management of Hadoop clusters. Zettaset adds encryption to its Orchestrator platform by using the 256-bit Advanced Encryption Standard (AES-256) and the KMIP protocol, with minimal impact to the performance of the encrypted Hadoop cluster. The addition of encryption to Zettaset Orchestrator means that customers with compliance concerns related to data security are one step closer toward delivering a data environment that satisfies regulatory demands specific to their industry. Jim Vogt, Zettaset CEO, remarked on the significance of encryption functionality within the Hadoop space as follows:
Encryption is a very specialized capability, and there are few viable options available today for Hadoop users. When it comes to risk management, Zettaset Orchestrator with data-at-rest encryption gives customers the upper hand, supporting compliance mandates such as HIPAA, BSA/AML and PCI-DSS, for example, and provides assurance that their Hadoop cluster data is protected against malicious attacks.
Zettaset Orchestrator also provides role-based access control as well as support for LDAP and Active Directory. Orchestrator’s support of Hadoop encryption in conjunction with its role-based access functionality represents a significant advance for data security within the Hadop space, particularly because the solution is for data-at-rest as opposed to data in transit, over the wire. Other vendors with Hadoop data encryption solutions include Gazzang and Dataguise. That said, Zettaset’s combination of automation and security on Hadoop renders it a key player in the Hadoop management space. Zettaset Orchestrator integrates with all major open source Hadoop distributions.
CipherCloud today announces the launch of data discovery capabilities by means of a solution deployed on Salesforce.com’s AppExchange. CipherCloud customers will be able to use its data discovery tool to run analytics on applications and data infrastructures within its purview toward the end of proactively responding to abnormal usage patterns that suggest possible security risks. The tool allows customers to configure the parameters of rules and alerts in order to customize the data discovery functionality for the usage patterns specific to their user base. CipherCloud’s data discovery solution extends the capabilities of its data privacy, security and encryption services for cloud applications by giving customers access to data visualizations regarding user and platform activity as illustrated below:
The three data discovery charts identify top users by type of user activity, anomalous activities and the most widely exported reports. Here, examples of anomalous activities include excessive downloads and after hours usage, although the software’s capability to customize the meaning of anomalous renders the solution applicable to a vast variety of use cases for identifying suspicious activities and processes.
CipherCloud’s launch of its data discovery solution on the AppExhange platform builds on a recent product enhancement that delivers encryption to data prior to its transmission to Amazon Web Services, and specifically, AWS products such as the Amazon S3, RDS and EBS. The data discovery solution adds one more weapon to CipherCloud’s roster of products for protecting the security of cloud-based data, and represents a useful complement to its AES-256 bit encryption services, which allow customers to retain control of the encryption keys as opposed to to the cloud platform vendor on which a solution is deployed. Expect CipherCloud to continue to expand its data loss protection (DLP) and encryption services, particularly as the market for cloud security products explodes in the wake of increasing cloud adoption and elevated customer concerns over cloud security.
Today, cloud security vendor CipherCloud announced an enhancement to its relationship with Box whereby Box customers can now take advantage of CipherCloud’s AES 256-bit encryption functionality. The announcement means that customers can now enjoy military-grade encryption that renders their data practically inaccessible to the prying eyes of unauthorized users of any kind. CipherCloud’s solution uses Box APIs to track and encrypt data as it enters the CipherCloud platform in conjunction with customer-based rules that determine which data is deemed sensitive and requires encryption. Moreover, CipherCloud’s encryption solution for Box allows users to configure a range of automated settings for sensitive data that include sharing restrictions, alerts, data quarantine and automated encryption, all of which are configured through the Box interface itself. In contrast to offerings whereby the cloud vendor retains access to the encryption keys, CipherCloud allows customers to retain the encryption keys. Because customers retain control of the encryption keys for data stored in Box, authorized users can access the encrypted data at any time, giving customers greater control with respect to data access. CipherCloud’s encryption solution for Box supports mobile devices and additionally boasts configurable notifications for instances of potential security breaches.
CipherCloud claims an impressive array of data loss protection (DLP) services for a range of cloud platforms that include Amazon Web Services, Salesforce, Gmail and Office 365. Today’s Box announcement builds upon its existing DLP solution for Box and claims a competitive edge over CipherCloud’s competitors by virtue of its streamlined integration with the Box platform. The company currently claims over 2 million users in 14 countries and 10 industries. CipherCloud is backed by venture capital firms Andreessen Horowitz, Index Ventures, and T-Venture and has raised $31.4 million in capital to date. As concerns about cloud data security proliferate given recent disclosures of government agency surveillance alongside internal and external breaches of enterprise data, CipherCloud should be expected to consolidate its position in the cloud data security space, particularly in light of its recent AES 256-bit encryption offering.