customer control of encryption keys – Cloud Computing Today

CipherCloud today announces the launch of data discovery capabilities by means of a solution deployed on Salesforce.com’s AppExchange. CipherCloud customers will be able to use its data discovery tool to run analytics on applications and data infrastructures within its purview toward the end of proactively responding to abnormal usage patterns that suggest possible security risks. The tool allows customers to configure the parameters of rules and alerts in order to customize the data discovery functionality for the usage patterns specific to their user base. CipherCloud’s data discovery solution extends the capabilities of its data privacy, security and encryption services for cloud applications by giving customers access to data visualizations regarding user and platform activity as illustrated below:

The three data discovery charts identify top users by type of user activity, anomalous activities and the most widely exported reports. Here, examples of anomalous activities include excessive downloads and after hours usage, although the software’s capability to customize the meaning of anomalous renders the solution applicable to a vast variety of use cases for identifying suspicious activities and processes.

CipherCloud’s launch of its data discovery solution on the AppExhange platform builds on a recent product enhancement that delivers encryption to data prior to its transmission to Amazon Web Services, and specifically, AWS products such as the Amazon S3, RDS and EBS. The data discovery solution adds one more weapon to CipherCloud’s roster of products for protecting the security of cloud-based data, and represents a useful complement to its AES-256 bit encryption services, which allow customers to retain control of the encryption keys as opposed to to the cloud platform vendor on which a solution is deployed. Expect CipherCloud to continue to expand its data loss protection (DLP) and encryption services, particularly as the market for cloud security products explodes in the wake of increasing cloud adoption and elevated customer concerns over cloud security.

Today, cloud security vendor CipherCloud announced an enhancement to its relationship with Box whereby Box customers can now take advantage of CipherCloud’s AES 256-bit encryption functionality. The announcement means that customers can now enjoy military-grade encryption that renders their data practically inaccessible to the prying eyes of unauthorized users of any kind. CipherCloud’s solution uses Box APIs to track and encrypt data as it enters the CipherCloud platform in conjunction with customer-based rules that determine which data is deemed sensitive and requires encryption. Moreover, CipherCloud’s encryption solution for Box allows users to configure a range of automated settings for sensitive data that include sharing restrictions, alerts, data quarantine and automated encryption, all of which are configured through the Box interface itself. In contrast to offerings whereby the cloud vendor retains access to the encryption keys, CipherCloud allows customers to retain the encryption keys. Because customers retain control of the encryption keys for data stored in Box, authorized users can access the encrypted data at any time, giving customers greater control with respect to data access. CipherCloud’s encryption solution for Box supports mobile devices and additionally boasts configurable notifications for instances of potential security breaches.

CipherCloud claims an impressive array of data loss protection (DLP) services for a range of cloud platforms that include Amazon Web Services, Salesforce, Gmail and Office 365. Today’s Box announcement builds upon its existing DLP solution for Box and claims a competitive edge over CipherCloud’s competitors by virtue of its streamlined integration with the Box platform. The company currently claims over 2 million users in 14 countries and 10 industries. CipherCloud is backed by venture capital firms Andreessen Horowitz, Index Ventures, and T-Venture and has raised $31.4 million in capital to date. As concerns about cloud data security proliferate given recent disclosures of government agency surveillance alongside internal and external breaches of enterprise data, CipherCloud should be expected to consolidate its position in the cloud data security space, particularly in light of its recent AES 256-bit encryption offering.