Risk
12/20/2012
06:36 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Voltage Partners With PerspecSys To Improve Cloud Data Protection

Companies to address application usability in the rapidly growing area of cloud data protection

CUPERTINO, CALIFORNIA and MCLEAN, VIRGINIA – December, 20, 2012 - Voltage Security®, the world leader in data-centric encryption and key management, and PerspecSys&trade Inc., the leader in cloud data protection solutions for the enterprise, today announced that the two companies have partnered to enable a new level of security and application usability in the rapidly growing area of cloud data protection. The combined solution -- Voltage's patented Format-Preserving Encryption&trade (FPE) integrated into PerspecSys' Cloud Data Protection Gateway -- leverages Voltage innovations in end-to-end encryption and stateless key management and PerspecSys' award-winning cloud data protection platform to give enterprises full control of their sensitive data, protecting it before it leaves the corporate environment for processing and storage in the cloud.

The partnership helps address critical security and usability requirements associated with utilizing encryption technology to safeguard sensitive information in cloud environments, including:

· The ability for encryption to work within cloud application constraints: Since cloud applications frequently have pre-defined data field definitions that have a fixed length (e.g. data fields, payment card details, etc.), any algorithm used to encrypt data needs to be able to preserve the original data's format so that the encrypted value can be processed and stored correctly within the cloud application's database.

· The necessity to be transparent to the end-users of cloud applications: Encryption techniques protecting data going into the cloud must not adversely impact the experience of the application users. Preserving the usability of the application, such as maintaining the ability to Search, Report, and Sort on data that has been strongly encrypted, is critical to maximizing the business value of the cloud applications that enterprises are adopting.

· The need for strong, industry reviewed/approved encryption: Unlike approaches with unpublished or weak cryptography that expose customers to breaches and raise the risks for data loss, the combined Voltage - PerspecSys solution relies on a comprehensively secure model, with proofs of security utilizing FFX mode AES, a data protection method in standards development with top tier standards organizations NIST and ANSI.

Customer demand continues to increase for a single data protection model across on-premise applications and systems and cloud environments. This partnership allows Voltage and PerspecSys to deliver a solution to the market that addresses these critical requirements and protect sensitive data as it is used and moved between these environments.

"For enterprise customers, identifying a secure and straight-forward way to rapidly move to the cloud is a top priority, but they realize that some options in this marketplace are inherently insecure," said Jeremy Stieglitz, vice president, business development, Voltage Security. "We found PerspecSys' solution to be unique in this emerging space, being the only product that can leverage the strongest forms of encryption technology – including Voltage's FPE – and simultaneously preserve the application's usability. By joining forces we are able to offer enterprises a zero trade-off solution, enabling them to confidently make the move to the cloud with the strongest security and the best experience for their employees."

"Together, PerspecSys and Voltage can address the critical issues slowing enterprise cloud adoption at both strategic and operational levels," said Gerry Grealish, vice president, marketing and products, PerspecSys. "We are jointly working with customers that want the strong encryption security and flexibility that is delivered by Voltage and PerspecSys, and we are receiving feedback that we are uniquely delivering a proposition to the market that meets a wide variety of enterprise needs across the areas of Security, Risk, Compliance, Privacy and Information Technology."

About Voltage Security

Voltage Security®, Inc. is the leading data protection provider, delivering secure, scalable, and proven data-centric encryption and key management solutions, enabling customers to effectively combat new and emerging security threats. Powered by ground-breaking encryption innovations, including Identity-Based Encryption&trade (IBE), Format-Preserving Encryption&trade (FPE), and Page-Integrated Encryption&trade (PIE), our powerful data protection solutions allow any company to seamlessly secure all types of sensitive corporate and customer information, wherever it resides, while efficiently meeting regulatory compliance and privacy requirements. For more information, please www.voltage.com.

About PerspecSys

PerspecSys Inc. is a provider of cloud data protection solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. PerspecSys removes the technical, legal and financial risks of placing sensitive company data in the cloud. The company accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. Based in Toronto, PerspecSys Inc. is a privately held company backed by leading investors including Intel Capital and GrowthWorks. For more information on PerspecSys, please visit www.perspecsys.com or follow on Twitter @perspecsys.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-5704
Published: 2014-04-15
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."

CVE-2013-5705
Published: 2014-04-15
apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.

CVE-2014-0341
Published: 2014-04-15
Multiple cross-site scripting (XSS) vulnerabilities in PivotX before 2.3.9 allow remote authenticated users to inject arbitrary web script or HTML via the title field to (1) templates_internal/pages.tpl, (2) templates_internal/home.tpl, or (3) templates_internal/entries.tpl; (4) an event field to ob...

CVE-2014-0342
Published: 2014-04-15
Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.

CVE-2014-0348
Published: 2014-04-15
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding...

Best of the Web