Risk
12/20/2012
06:36 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Voltage Partners With PerspecSys To Improve Cloud Data Protection

Companies to address application usability in the rapidly growing area of cloud data protection

CUPERTINO, CALIFORNIA and MCLEAN, VIRGINIA – December, 20, 2012 - Voltage Security®, the world leader in data-centric encryption and key management, and PerspecSys&trade Inc., the leader in cloud data protection solutions for the enterprise, today announced that the two companies have partnered to enable a new level of security and application usability in the rapidly growing area of cloud data protection. The combined solution -- Voltage's patented Format-Preserving Encryption&trade (FPE) integrated into PerspecSys' Cloud Data Protection Gateway -- leverages Voltage innovations in end-to-end encryption and stateless key management and PerspecSys' award-winning cloud data protection platform to give enterprises full control of their sensitive data, protecting it before it leaves the corporate environment for processing and storage in the cloud.

The partnership helps address critical security and usability requirements associated with utilizing encryption technology to safeguard sensitive information in cloud environments, including:

· The ability for encryption to work within cloud application constraints: Since cloud applications frequently have pre-defined data field definitions that have a fixed length (e.g. data fields, payment card details, etc.), any algorithm used to encrypt data needs to be able to preserve the original data's format so that the encrypted value can be processed and stored correctly within the cloud application's database.

· The necessity to be transparent to the end-users of cloud applications: Encryption techniques protecting data going into the cloud must not adversely impact the experience of the application users. Preserving the usability of the application, such as maintaining the ability to Search, Report, and Sort on data that has been strongly encrypted, is critical to maximizing the business value of the cloud applications that enterprises are adopting.

· The need for strong, industry reviewed/approved encryption: Unlike approaches with unpublished or weak cryptography that expose customers to breaches and raise the risks for data loss, the combined Voltage - PerspecSys solution relies on a comprehensively secure model, with proofs of security utilizing FFX mode AES, a data protection method in standards development with top tier standards organizations NIST and ANSI.

Customer demand continues to increase for a single data protection model across on-premise applications and systems and cloud environments. This partnership allows Voltage and PerspecSys to deliver a solution to the market that addresses these critical requirements and protect sensitive data as it is used and moved between these environments.

"For enterprise customers, identifying a secure and straight-forward way to rapidly move to the cloud is a top priority, but they realize that some options in this marketplace are inherently insecure," said Jeremy Stieglitz, vice president, business development, Voltage Security. "We found PerspecSys' solution to be unique in this emerging space, being the only product that can leverage the strongest forms of encryption technology – including Voltage's FPE – and simultaneously preserve the application's usability. By joining forces we are able to offer enterprises a zero trade-off solution, enabling them to confidently make the move to the cloud with the strongest security and the best experience for their employees."

"Together, PerspecSys and Voltage can address the critical issues slowing enterprise cloud adoption at both strategic and operational levels," said Gerry Grealish, vice president, marketing and products, PerspecSys. "We are jointly working with customers that want the strong encryption security and flexibility that is delivered by Voltage and PerspecSys, and we are receiving feedback that we are uniquely delivering a proposition to the market that meets a wide variety of enterprise needs across the areas of Security, Risk, Compliance, Privacy and Information Technology."

About Voltage Security

Voltage Security®, Inc. is the leading data protection provider, delivering secure, scalable, and proven data-centric encryption and key management solutions, enabling customers to effectively combat new and emerging security threats. Powered by ground-breaking encryption innovations, including Identity-Based Encryption&trade (IBE), Format-Preserving Encryption&trade (FPE), and Page-Integrated Encryption&trade (PIE), our powerful data protection solutions allow any company to seamlessly secure all types of sensitive corporate and customer information, wherever it resides, while efficiently meeting regulatory compliance and privacy requirements. For more information, please www.voltage.com.

About PerspecSys

PerspecSys Inc. is a provider of cloud data protection solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. PerspecSys removes the technical, legal and financial risks of placing sensitive company data in the cloud. The company accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. Based in Toronto, PerspecSys Inc. is a privately held company backed by leading investors including Intel Capital and GrowthWorks. For more information on PerspecSys, please visit www.perspecsys.com or follow on Twitter @perspecsys.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2227
Published: 2014-07-25
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

CVE-2014-5027
Published: 2014-07-25
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

CVE-2014-5100
Published: 2014-07-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_...

CVE-2014-5101
Published: 2014-07-25
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authn...

CVE-2014-5102
Published: 2014-07-25
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.