Gazzang Pushes MySQL Database Encryption, Cloud Security

Gazzang is focusing on cloud security with an encryption solution targeted at MySQL databases.

Gazzang wants to make cloud computing safe for enterprises-a goal that for the company begins with encrypting data.

Its product, ezNcrypt, is used to encrypt MySQL database transactions and data. In its latest edition, ezNcrypt now includes public/private key encryption and integration with leading HSM (hardware security module) technologies, as well as OpenSSL engine support.

"The significance [of OpenSSL support] lies in the fact that OpenSSL is one of the few open-source programs involved with validation under the FIPS 140-2 computer security standard by the National Institute of Standards and Technology's Cryptographic Module Validation Program," said Chris Gillan, vice president of business development and marketing at Gazzang. "Many large enterprises [both public and private] have already implemented cryptographic key servers using this technology platform. We can now integrate with these legacy systems, allowing these organizations to protect their open-source databases using the same technology platforms as they do with the rest of their computing environments."

"Our general target market is the midmarket and above," he added. "This particular release is more targeted at the enterprise as the HSMs [which we are integrating with] are traditionally used by larger enterprises and government agencies and contractors."

In a report, analysts at The 451 Group noted that Gazzang competes with companies such as Venafi and EMC (through its RSA security division) in the area of symmetric key management. In addition, Trend Micro's SecureCloud-announced in beta last August-is similarly targeted at encrypting data in cloud-computing environments.

"Gazzang's first product is 'set and forget' encryption for MySQL databases, but its long-term ambitions are far grander: to make cloud computing enterprise-ready," according to the report. "The company plans to build out from a beachhead as a value-add on top of the free eCryptfs tool to become the default option for transparent data encryption in LAMP and, ultimately, cloud-computing development. To that end, it has designed an innovative new key management system."

The company's hope, Gillan said, is to bring the transparent data-encryption technology currently available in the enterprise versions of Oracle database and Microsoft SQL Server to open-source database platforms. Though the focus right now is on MySQL, the company will soon be adding support for Cassandra, PostgreSQL and other platforms, he said.

"MySQL is by far the most widely adopted database in the cloud," he continued. "Our current version will work either in the cloud, or inside a company's firewall. Future versions of ezNcrypt will encrypt many other pieces of cloud architecture."

"As enterprises look to move critical applications and data storage to the cloud, security is still the No. 1 concern," Gillan added.