Hewlett-Packard’s Atalla division rolled out new encryption offerings designed to make encryption easier and faster to deploy on-site and in the cloud.
The technology, announced June 10, includes the HP Secure Encryption with HP Enterprise Secure Key Manager (ESKM) 4.0 release. The new technology enables enterprises to manage the encryption keys across servers, including HP’s ProLiant Gen8 server portfolio.
As part of the Secure Encryption update, the technology now supports the OASIS Key Management Interoperability Protocol (KMIP). Performance is a key benefit of the new release, enabling enterprises to employ encryption on servers without impacting server performance negatively, Albert Biketi, general manager of HP Atalla, told eWEEK.
For cloud deployments, the new HP Atalla Cloud Encryption enables organizations to integrate encryption control into the cloud. With a cloud deployment, enterprises do not typically directly control the underlying cloud infrastructure, which can potentially introduce an element of risk. The HP Atalla Cloud Encryption technology provides what is known as split-key encryption to help mitigate potential risk.
Biketi explained that the way that split-key encryption works is analogous to how security works for a bank safety deposit box. With a bank safety deposit box, the bank holds one key while the customer holds the other. The only way to open the safety deposit box is with both the bank and the customer key. The same approach holds true in the HP Atalla Cloud Encryption technology with one encryption key held by the enterprise customer and the other with the cloud.
“Only those two keys in combination can encrypt or decrypt data,” Biketi said.
The HP Atalla Cloud Encryption technology does not allow an attacker that takes a snapshot of a user session to be able to capture the user’s encryption key, he said.
Managing data encryption as it moves across an enterprise and throughout the lifecycle is also a challenge that HP is aiming to tackle. The new HP Atalla Information Protection and Control (IPC) applies and manages protection for data as it moves around an organization, Biketi said.
The Atalla business unit, one of HP’s oldest security businesses, got its start in 1973 as a security vendor for financial institutions. It was acquired in 1987 by Tandem Computers, which was acquired in 1997 by Compaq, which HP bought in 2002. Atalla technology is still widely used in financial services.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.