Risk
12/20/2012
06:36 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Voltage Partners With PerspecSys To Improve Cloud Data Protection

Companies to address application usability in the rapidly growing area of cloud data protection

CUPERTINO, CALIFORNIA and MCLEAN, VIRGINIA – December, 20, 2012 - Voltage Security®, the world leader in data-centric encryption and key management, and PerspecSys&trade Inc., the leader in cloud data protection solutions for the enterprise, today announced that the two companies have partnered to enable a new level of security and application usability in the rapidly growing area of cloud data protection. The combined solution -- Voltage's patented Format-Preserving Encryption&trade (FPE) integrated into PerspecSys' Cloud Data Protection Gateway -- leverages Voltage innovations in end-to-end encryption and stateless key management and PerspecSys' award-winning cloud data protection platform to give enterprises full control of their sensitive data, protecting it before it leaves the corporate environment for processing and storage in the cloud.

The partnership helps address critical security and usability requirements associated with utilizing encryption technology to safeguard sensitive information in cloud environments, including:

· The ability for encryption to work within cloud application constraints: Since cloud applications frequently have pre-defined data field definitions that have a fixed length (e.g. data fields, payment card details, etc.), any algorithm used to encrypt data needs to be able to preserve the original data's format so that the encrypted value can be processed and stored correctly within the cloud application's database.

· The necessity to be transparent to the end-users of cloud applications: Encryption techniques protecting data going into the cloud must not adversely impact the experience of the application users. Preserving the usability of the application, such as maintaining the ability to Search, Report, and Sort on data that has been strongly encrypted, is critical to maximizing the business value of the cloud applications that enterprises are adopting.

· The need for strong, industry reviewed/approved encryption: Unlike approaches with unpublished or weak cryptography that expose customers to breaches and raise the risks for data loss, the combined Voltage - PerspecSys solution relies on a comprehensively secure model, with proofs of security utilizing FFX mode AES, a data protection method in standards development with top tier standards organizations NIST and ANSI.

Customer demand continues to increase for a single data protection model across on-premise applications and systems and cloud environments. This partnership allows Voltage and PerspecSys to deliver a solution to the market that addresses these critical requirements and protect sensitive data as it is used and moved between these environments.

"For enterprise customers, identifying a secure and straight-forward way to rapidly move to the cloud is a top priority, but they realize that some options in this marketplace are inherently insecure," said Jeremy Stieglitz, vice president, business development, Voltage Security. "We found PerspecSys' solution to be unique in this emerging space, being the only product that can leverage the strongest forms of encryption technology – including Voltage's FPE – and simultaneously preserve the application's usability. By joining forces we are able to offer enterprises a zero trade-off solution, enabling them to confidently make the move to the cloud with the strongest security and the best experience for their employees."

"Together, PerspecSys and Voltage can address the critical issues slowing enterprise cloud adoption at both strategic and operational levels," said Gerry Grealish, vice president, marketing and products, PerspecSys. "We are jointly working with customers that want the strong encryption security and flexibility that is delivered by Voltage and PerspecSys, and we are receiving feedback that we are uniquely delivering a proposition to the market that meets a wide variety of enterprise needs across the areas of Security, Risk, Compliance, Privacy and Information Technology."

About Voltage Security

Voltage Security®, Inc. is the leading data protection provider, delivering secure, scalable, and proven data-centric encryption and key management solutions, enabling customers to effectively combat new and emerging security threats. Powered by ground-breaking encryption innovations, including Identity-Based Encryption&trade (IBE), Format-Preserving Encryption&trade (FPE), and Page-Integrated Encryption&trade (PIE), our powerful data protection solutions allow any company to seamlessly secure all types of sensitive corporate and customer information, wherever it resides, while efficiently meeting regulatory compliance and privacy requirements. For more information, please www.voltage.com.

About PerspecSys

PerspecSys Inc. is a provider of cloud data protection solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. PerspecSys removes the technical, legal and financial risks of placing sensitive company data in the cloud. The company accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. Based in Toronto, PerspecSys Inc. is a privately held company backed by leading investors including Intel Capital and GrowthWorks. For more information on PerspecSys, please visit www.perspecsys.com or follow on Twitter @perspecsys.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6477
Published: 2014-11-23
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4...

CVE-2014-4807
Published: 2014-11-22
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.

CVE-2014-6183
Published: 2014-11-22
IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before 5.1.1.0 FP8, 5.1.2 before 5.1.2.0 FP9, 5.1.2.1 before FP5, 5.2 before 5.2.0.0 FP5, and 5.3 before 5.3.0.0 FP1 on XGS devices allows remote authenticated users to execute arbitrary commands via unspecified vectors.

CVE-2014-8626
Published: 2014-11-22
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding...

CVE-2014-8710
Published: 2014-11-22
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?