CipherCloud Uses Encryption, Tokenization To Bolster Cloud Security


CipherCloud has come out of stealth mode as a cloud security player that looks to remove one of the key barriers to cloud computing adoption: fears and concerns about data protection.

The Cupertino, Calif.-based company launched this month with a virtual appliance that can be used on-premise or in the cloud to encrypt sensitive data before it reaches the cloud. And unlike other encryption offerings, CipherCloud lets users control the encryption and decryption and gives the enterprises the only set of encryption keys to ensure data is protected, said CipherCloud CEO and founder Pravin Kothari.

CipherCloud looks to address data privacy, residency and regulatory compliance requirements in the cloud, without having a negative impact on application performance. Additionally, CipherCloud does not require changes to cloud applications and will not impact the user experience, Kothari said.

For IT admins and solution providers, CipherCloud unlocks the ability to have control and visibility over enterprise data that resides in the cloud and speed adoption of cloud applications like Salesforce.com, Google Apps and others.

Kothari said CipherCloud uses format-and-function-preserving encryption and tokenization techniques, along with a cloud security gateway, which lets customers encrypt data on the fly before it leaves the enterprise while also capturing user activity. Kothari said when data passes through the gateway, it is encrypted according to security policy and configuration to ensure that only users can access the data regardless of where it resides.

CipherCloud also supports data tokenization, which replaces sensitive data entered into a cloud application with anonymous values, meaning if an unauthorized user tries to view sensitive data, they will see jumbled letters and numbers.

"The architecture is a Web proxy and it monitors traffic in the cloud going to Salesforce.com and Google Apps," he said, adding that partial encryption is also supported.

Solution providers and customers can deploy CipherCloud in the cloud or in their data center, without network or cloud application adjustments.

Kothari said CipherCloud's approach lets users solve several cloud security issues, like data privacy, residency, compliance, governance, security and monitoring in one fell swoop. It enables logging of user activity across all cloud applications to ensure and manage compliance and forensic requirements like who is doing what, where and when and in which application and on which object. It also assists in achieving many regulatory compliance standards like PCI, HIPAA, HIGECH and more.

Kothari added that CipherCloud is tailor-made for cloud application providers and that the company is currently recruiting hosting partners. Cloud application providers can tie CipherCloud's virtual appliance into their offerings which can make their applications more attractive to security-conscious industries like finance, insurance, healthcare and government.

Currently, CipherCloud works in Salesforce.com environments, and Google Apps protection is in development. Kothari said CipherCloud will eventually work with any cloud provider or platform.