Porticor Data Security Platform Designed for Cloud
The Virtual Private Data (VPD) cloud-based data-encryption solution uses a homomorphic key-encryption approach and encrypts the entire data layer.Cloud security specialist Porticor announced on Oct. 30 the availability of its cloud-based data-encryption solution, Virtual Private Data (VPD), which is designed to protect public, private and hybrid cloud data while stored and in use. The offering is currently available directly from Porticor through the company’s Website. The VPD is deployed in the cloud and managed from Porticor’s customer portal, with prices starting at $65 per month per Porticor Virtual Appliance. The company’s patented Virtual Key Management service, with split-key encryption technology, keeps encryption keys in the organization’s control, delivering a cloud-based key management system for cloud data at rest. In addition, Porticor keeps the master encryption keys fully encrypted and secured even while being used to access cloud data. “Potential cloud users worry about two things about information protection in the cloud—protecting it from other tenants and protecting it from the cloud provider,” Neil MacDonald, vice president and fellow at IT research firm Gartner, said in a statement. “Encryption is one protection option; however, when the encryption keys are used, data is at risk at that point. A solution that works completely in the cloud, yet is able to keep the keys protected in memory would help reduce the scope of a possible breach entry point.” The platform, made up of the Porticor Virtual Appliance and the Porticor Virtual Key Management Service, uses a homomorphic key-encryption approach, a technique that enables mathematical operations to be performed on encrypted data. Porticor technology implements partially homomorphic encryption techniques for combining and splitting encryption keys, enabling the VPD system to give the application access to the data store without exposing the master keys in an unencrypted state. It also ensures that if a master key is stolen, it can still never be used to access a data store.