Risk
12/20/2012
06:36 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Voltage Partners With PerspecSys To Improve Cloud Data Protection

Companies to address application usability in the rapidly growing area of cloud data protection

CUPERTINO, CALIFORNIA and MCLEAN, VIRGINIA – December, 20, 2012 - Voltage Security®, the world leader in data-centric encryption and key management, and PerspecSys&trade Inc., the leader in cloud data protection solutions for the enterprise, today announced that the two companies have partnered to enable a new level of security and application usability in the rapidly growing area of cloud data protection. The combined solution -- Voltage's patented Format-Preserving Encryption&trade (FPE) integrated into PerspecSys' Cloud Data Protection Gateway -- leverages Voltage innovations in end-to-end encryption and stateless key management and PerspecSys' award-winning cloud data protection platform to give enterprises full control of their sensitive data, protecting it before it leaves the corporate environment for processing and storage in the cloud.

The partnership helps address critical security and usability requirements associated with utilizing encryption technology to safeguard sensitive information in cloud environments, including:

· The ability for encryption to work within cloud application constraints: Since cloud applications frequently have pre-defined data field definitions that have a fixed length (e.g. data fields, payment card details, etc.), any algorithm used to encrypt data needs to be able to preserve the original data's format so that the encrypted value can be processed and stored correctly within the cloud application's database.

· The necessity to be transparent to the end-users of cloud applications: Encryption techniques protecting data going into the cloud must not adversely impact the experience of the application users. Preserving the usability of the application, such as maintaining the ability to Search, Report, and Sort on data that has been strongly encrypted, is critical to maximizing the business value of the cloud applications that enterprises are adopting.

· The need for strong, industry reviewed/approved encryption: Unlike approaches with unpublished or weak cryptography that expose customers to breaches and raise the risks for data loss, the combined Voltage - PerspecSys solution relies on a comprehensively secure model, with proofs of security utilizing FFX mode AES, a data protection method in standards development with top tier standards organizations NIST and ANSI.

Customer demand continues to increase for a single data protection model across on-premise applications and systems and cloud environments. This partnership allows Voltage and PerspecSys to deliver a solution to the market that addresses these critical requirements and protect sensitive data as it is used and moved between these environments.

"For enterprise customers, identifying a secure and straight-forward way to rapidly move to the cloud is a top priority, but they realize that some options in this marketplace are inherently insecure," said Jeremy Stieglitz, vice president, business development, Voltage Security. "We found PerspecSys' solution to be unique in this emerging space, being the only product that can leverage the strongest forms of encryption technology – including Voltage's FPE – and simultaneously preserve the application's usability. By joining forces we are able to offer enterprises a zero trade-off solution, enabling them to confidently make the move to the cloud with the strongest security and the best experience for their employees."

"Together, PerspecSys and Voltage can address the critical issues slowing enterprise cloud adoption at both strategic and operational levels," said Gerry Grealish, vice president, marketing and products, PerspecSys. "We are jointly working with customers that want the strong encryption security and flexibility that is delivered by Voltage and PerspecSys, and we are receiving feedback that we are uniquely delivering a proposition to the market that meets a wide variety of enterprise needs across the areas of Security, Risk, Compliance, Privacy and Information Technology."

About Voltage Security

Voltage Security®, Inc. is the leading data protection provider, delivering secure, scalable, and proven data-centric encryption and key management solutions, enabling customers to effectively combat new and emerging security threats. Powered by ground-breaking encryption innovations, including Identity-Based Encryption&trade (IBE), Format-Preserving Encryption&trade (FPE), and Page-Integrated Encryption&trade (PIE), our powerful data protection solutions allow any company to seamlessly secure all types of sensitive corporate and customer information, wherever it resides, while efficiently meeting regulatory compliance and privacy requirements. For more information, please www.voltage.com.

About PerspecSys

PerspecSys Inc. is a provider of cloud data protection solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. PerspecSys removes the technical, legal and financial risks of placing sensitive company data in the cloud. The company accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. Based in Toronto, PerspecSys Inc. is a privately held company backed by leading investors including Intel Capital and GrowthWorks. For more information on PerspecSys, please visit www.perspecsys.com or follow on Twitter @perspecsys.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2184
Published: 2015-03-27
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.

CVE-2014-3619
Published: 2015-03-27
The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header.

CVE-2014-8121
Published: 2015-03-27
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up while the database is iterated over...

CVE-2014-9712
Published: 2015-03-27
Websense TRITON V-Series appliances before 7.8.3 Hotfix 03 and 7.8.4 before Hotfix 01 allows remote administrators to read arbitrary files and obtain passwords via a crafted path.

CVE-2015-0658
Published: 2015-03-27
The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.

Dark Reading Radio
Archived Dark Reading Radio
Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.