Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Porticor Beefs Up Cloud Security with Split-Key Encryption

Cloud security startup Porticor has updated its Virtual Private Data (VPD) system to help companies encrypt data stored in the cloud and protect encryption keys. Porticor's VPD combines encryption and its own proprietary key management service to protect enterprise data stored in public, private and hybrid clouds that run on VMWare and Amazon Web Services.

Porticor's VDP consists of two elements: the Porticor Virtual Appliance and the Virtual Key Management Service. Customers deploy the Virtual Appliance within a public or private cloud instance. The appliance encrypts data using the AES-256 algorithm. The Virtual Key Management Service, which is run from Portico's own cloud, splits the encryption key used to encrypt data in the Virtual Appliance into two separate keys. One of these keys, the master key, is kept encrypted even while in use.

More Insights

Webcasts

More >>

White Papers

More >>

Reports

More >>

The VPD system uses partial homomorphic encryption techniques to split the encryption key. Homomorphic encryption enables mathematical operations to be performed on encrypted data. This means the master key can remain encrypted even as it encrypts and decrypts data stored in the cloud. The company says that if a master key is stolen, it can't be used to access a data store.

Data security is one of the top concerns for enterprises looking to adopt public cloud services, but the challenge is how to juggle convenient access to data and while managing security through use of encryption keys, says Scott Crawford, research director of Enterprise Management Associates. "Organizations have concerns, and rightly so, about encryption key management, which must be taken seriously to ensure the availability of protected data."

Crawford says Porticor's concept is not new, but the company's implementation for cloud environments is rather novel. He notes there are encryption options for specific SaaS services such as Salesforce.com, which acquired SaaS encryption provider Navajo Systems last year.

"Porticor is primarily targeting infrastructure as a service; however, it's a capability that would be available to application developers if they wanted to build their own application and expose it to customers and partners," says Crawford.

According to the InformationWeek 2012 Data Encryption Survey released earlier this year, there's "growing angst" over encryption of data off-site in the cloud, while enterprises continue to have concerns over the interoperability between encryption products.

Meanwhile, respondents to the InformationWeek 2012 State of Cloud Computing Survey admit that security is a big worry; among nine possible concerns, the three associated with security came in first, second and third, and 44% said they believe risks are greater in the cloud vs. 6% who say providers do a better job at security than they could do internally.

Richard Stiennon, chief research analyst, IT-Harvest, says Porticor's approach is unique and potentially disruptive. He says there are other ways to accomplish what Porticor does, but the VPD system is a more flexible. "I expect it to be able to fit into a lot of other cloud-base services."

Stiennon says Porticor addresses a significant business problem for enterprises: how they can securely store data in the cloud. Existing methods include downloading a software agent that encrypts the data locally and sends it up to the cloud, and all involve a level of complex key management. "You've probably either got shared keys, which is not a good thing, or you have your own key, which is susceptible to theft or just losing it."

Stiennon says few security vendors aside from companies such as SpiderOak give enterprise customers control over their encryption keys. The Porticor's VPD system's use of homomorphic encryption means the owner of the cloud service does not have access to customer data.

"To me this is the most important thing," says Stiennon, because enterprises cannot extend trust to service providers of any sort because providers are subject to subpoena, for example. "Under the Porticor encryption model, the service provider would not be able to divulge customer data regardless of a subpoena because they would not have access to the encryption keys."

The new release of Porticor VPD is available now. Pricing starts at $65 per month per Porticor Virtual Appliance. Porticor, which is headquartered in Israel, was founded in 2010.


Related Reading


Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

Network Computing: April 2013



TechWeb Careers