Perimeter
9/11/2012
03:10 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

CipherCloud Brings Encryption To Any SaaS Or Cloud Applications

Connect AnyApp encrypts data in-transit, in-use, and at-rest for millions of public and private cloud Web applications

SAN JOSE, Calif., September 6, 2012 -- CipherCloud, the leader in cloud encryption, introduced today CipherCloud Connect AnyApp that encrypts data in-transit, in-use, and at-rest for millions of public and private cloud web applications without changing application functionality. This includes IaaS, SaaS, and PaaS web applications along with behind-the-firewall intranet applications used to manage sensitive data in enterprises every day. Enterprises now can deploy encryption or tokenization in hours, revolutionizing cloud security.

With Connect AnyApp, administrators simply specify fields on web pages to be encrypted. Like all other CipherCloud encryption gateway applications, there are no application changes or client software required. Enterprises can select from multiple encryption and tokenization options that preserve data format and operations, including search and sort.

CipherCloud Connect AnyApp is the latest addition to the CipherCloud Platform that provides cloud encryption across the enterprise. The CipherCloud Platform reduces the complexities of protecting business data by enabling organizations to quickly deploy and manage encryption across multiple cloud applications with a single system, saving time and money.

“By 2015, more than 70% of organizations could still be prone to data breaches of centrally stored private data in North America and Europe,” said Lawrence Pingree, Research Director at Gartner, Inc. “Cloud encryption gateways that can be configured to encrypt or tokenize data are needed to reduce this risk and allow businesses and governments to go beyond the firewall and adopt public and private clouds applications.”

“The millions of breached records that cost businesses and governments billions each year is testament to the fact that encryption has been unavailable or out of reach for many applications.” said Larry Ponemon, chairman and founder of The Ponemon Institute. “In the latest Ponemon Institute research a disturbing 72% of organizations still don’t even know how their cloud providers secure their data. Using encryption can not only eliminate the barriers to widespread cloud adoption but can also wipe away billions of dollars in data breach liabilities.”

The Breakthrough

Before CipherCloud Connect AnyApp, enterprises were faced with complex or costly options to use encryption or tokenization with SaaS, Cloud and web applications, if possible at all.

● Enterprises could attempt to add encryption or tokenization to middleware or databases, however, this approach required extensive development and integration and was not possible for SaaS or PaaS applications where code changes or database access are not allowed.

● Organizations could consider desktop software plugins or special mobile apps but these approaches take time to deploy, don’t work across mobile devices, and are frustrating for users - leading to low adoption.

● Finally, enterprises could use cryptographic toolkits to develop custom integration or applications. In all cases, preserving critical functionality like search, sort, and format was nearly impossible with all of these approaches.

“While our clients express interest in moving applications to the cloud, the expense and complication of securing data is holding many back.” said Glen Day, Ernst & Young’s Information Security Leader for Healthcare and Life Sciences in the Americas. “Enterprises need a simple and cost effective means to encrypt data for web applications, not just for the public cloud but also for majority of their home grown intranet applications.”

“Enterprises are looking to SaaS applications to help fuel innovation and expand business without getting weighed down in technology deployments and costly capital investments,” said Leo Corcoran, CEO of Claim Vantage. “CipherCloud Connect AnyApp allows ClaimVantage customers to use our latest SaaS applications and still meet their data privacy and compliance requirements.”

CipherCloud Connect AnyApp revolutionizes encryption for enterprises. Now any intranet form, custom developed web application, vertical specific SaaS application, or millions of other web applications can use encryption or tokenization. Securing data stored in web application is now as simple as:

1. Install CipherCloud virtual appliance which automatically generates an organization’s encryption keys

2. Specify URLs of the public and private cloud applications to be encrypted

3. Use Point-and-Click to create policies to encrypt or tokenize one or more fields

Once a policy is enabled, data entered for the web application is automatically encrypted or tokenized using CipherCloud’s format and operations preserving technology.

“Every business and government CipherCloud has spoken with asks how can they encrypt data for their own set of 3rd-party and custom web applications. This might be a behind-the-firewall application moving to IaaS or a hot new SaaS social enterprise app,” said CipherCloud founder and CEO, Pravin Kothari. “The industry’s wait is over and now millions of IaaS, SaaS, and PaaS and behind-the-firewall applications can have their data-at-rest protected with point-and-click encryption and tokenization policies without any programming.”

Key Benefits of CipherCloud Connect AnyApp include:

● Removes Data Security, Residency, Privacy, and Compliance Barriers: CipherCloud offers enterprises the choice to use format and operations preserving encryption or tokenization for millions of IaaS, SaaS, and PaaS web applications along with behind-the-firewall intranet applications.

● Preserves Enterprise Control Over Cloud Data: Secure key management, with keys owned by the enterprise, and standard AES-256 encryption ensure organizations retain control over data in-transit, in-use, and at-rest in the cloud or behind-the-firewall..

● Delivers a Fully Functional Web Experience: Unlike previous approaches to encryption, users enjoy native functionality like search, sort and reporting with CipherCloud’s format and operations preserving encryption and tokenization. There’s no change to the user experience even when using context-aware encryption policy to enforce data loss prevention rules.

● Reduces the Cost of Securing Enterprise Clouds: Now millions of web applications can quickly and easily use data-at-rest encryption or tokenization without any programming or costly client software deployment. The CipherCloud Platform provides a single cloud encryption platform for securing public and private clouds that Gartner forecasts will be used by over 25 percent of enterprises in 2016, up from less than 1 percent today, while reducing the cost of securing the cloud by 30 percent.

To learn more about how CipherCloud is revolutionizing encryption and the cloud, visit CipherCloud at Dreamforce stand #1526. You can also view online product demos and request more information by visiting www.ciphercloud.com.

Example Use Cases

Common use cases for CipherCloud Connect AnyApp include:

● SaaS Call Center Application: An insurance provider is expanding its customer service organization and moving to a new SaaS-based application. Information stored in the cloud includes sensitive data such as social security numbers, state and federally regulated health information, and payments data that must be secured under the PCI DSS (Payment Card Industry Data Security Standard). To prevent data breaches and comply with HIPAA (Health Insurance Portability and Accountability Act), HITECH (Health Information Technology for Economic and Clinical Health), and PCI DSS, the insurance company uses Connect AnyApp to encrypt data. The insurer can use the SaaS application immediately without any changes from the cloud service provider.

● IaaS Electronic Healthcare Record (EHR) System: A national healthcare provider is deploying an EHR application in a public IaaS cloud to cost effectively manage the massive amounts of data generated each day. However, like most cloud providers, the firm’s IaaS provider does not sign a HIPAA-required Business Associate Agreement (BAA). Instead the healthcare provider used Connect AnyApp to encrypt data before it’s sent to the cloud. Policies set included encryption for PDF and TIFF documents in addition to structure data fields. Encryption is recognized by the Health and Human Services Administration (HHS) as an approved mechanism to control access and ensure compliance.

● Migrating Homegrown Applications to IaaS: A global media and broadcasting company is looking to eliminating the costs for hosting homegrown web applications running on a mix of Windows Server and Linux webservers connected to an Oracle database. These applications contain sensitive personnel information, including contact details, addresses, travel, logistics, and editorial calendar. In the hands of competitors, this information could spoil exclusive news and higher ratings. When staff are travelling in war zones or covering controversial topics, this information could endanger the lives of journalists. Because of this, the media company could not move homegrown applications to IaaS to reduce budget expenses and free IT resources. To ensure the privacy of sensitive data stored in the applications, the broadcaster deployed Connect AnyApp. Policies were quickly set for the half dozen applications and sensitive data including images, PDFs, and other documents are encrypted in real-time. Staff can access applications from anywhere from the IaaS cloud provider. There were no changes to homegrown Windows and Linux web applications or the Oracle database, both of which were moved to the cloud.

● Intranet Deal Management Portal: A UK-based investment bank developed a deal management portal using SharePoint. Deal information is highly confidential, could impact public share prices, and is regulated by bodies such as the UK Financial Services Authority (FSA). Data must be segmented between not just administrators but also other deal teams within the bank. The firm deployed Connect AnyApp inside its datacenter to encrypt confidential data such as the identities of buyers and sellers as well as large file attachments including Excel spreadsheets and scanned PDFs. Only authorized deal team members can connect to Connect AnyApp, segmenting access and ensuring compliance.

● Enterprise social networking in a global commodities company: In an Australian based commodities firm, Yammer enterprise social networking has gone viral. The company operates across the globe in highly competitive and volatile markets. Increasingly, discussion of deals, futures contracts, and competitors are helping teams respond faster to changing market conditions. But, the enterprise is concerned about who may have access to data in the cloud and inside the organization. Using CipherCloud Connect AnyApp, administrators quickly configured policies to encrypt posts with a few simple configuration steps - all without integration or special support from Yammer or CipherCloud. Now the business has total control over their data in the cloud and who has access to it - whether in the organization or not.

In all five examples, no changes to the applications were required and CipherCloud Connect AnyApp could be deployed in hours.

About CipherCloud

CipherCloud is the market-leading provider of cloud encryption and tokenization gateways that enable enterprises to securely adopt cloud applications by eliminating concerns about data privacy, residency, security, and regulatory compliance. CipherCloud’s operations-preserving encryption and tokenization technology secures sensitive information in real time, before it's sent to the cloud, without impacting usability or performance, or requiring any change to the application. The CipherCloud Platform secures multiple cloud applications including Salesforce, Force.com, Chatter, Gmail, Office 365, and Amazon AWS. Recognized by Gartner as a Cool Vendor in Cloud Security in 2011, CipherCloud is backed by premier venture capital firms including Andreessen Horowitz, Index Ventures, and T-Venture, the venture capital arm of Deutsche Telekom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web