Big data security software startup Gazzang unveiled its latest encryption and key management support services for GlusterFS-backed OpenStack clouds, the Austin, Texas-based company said Thursday.
The support is geared toward the distributed file system solution from the Red Hat-sponsored open source Gluster Community that backs OpenStack's private and public cloud software.
David Tishgart, senior director of marketing and alliances at Gazzang, said that while the software company doesn't totally sell through the channel, it does have strong partnerships with cloud and big data companies like Amazon, Cloudera, 10gen and Rackspace.
"When their customers say, 'Your platform is great, as is the ability to run analytics on a greater volume and variety of data than ever before. However, I need to be able to secure this data. How do I do that?' They recommend their customers to Gazzang," Tishgart said.
The company, backed by Austin Ventures and Silver Creek Ventures, offers cloud vendors tools to encrypt sensitive data stored on cloud servers and protect the key manager that unlocks the encryption.
Encrypting data stored on cloud servers adds a second layer of protection beyond firewalls and can protect information even if the server has been hacked, Tishgart said.
"Data at rest -- not being analyzed, just sitting dormant on a server somewhere [in this case, on OpenStack cloud servers] -- is susceptible to all sorts of theft and issues," Tishgart said. "At the end of the day, if the data they somehow gain access to is encrypted then it doesn't really matter. All they're going to get is an encrypted blob."
Matt Asay, vice president of business development and strategy at 10gen, a Palo Alto, Calif.-based developer for the open source document database MongoDB and a Gazzang partner, said that real and perceived security vulnerabilities are a "significant inhibitor" to widespread enterprise adoption of any technology.
"This is as true of OpenStack as it is of Amazon Web Services, two cloud technologies upon which our customers rely," Asay said. "As such, the more Gazzang and others help to remove security fears related to running applications on these platforms, the more comfortable our customers feel running MongoDB on them."
Though the tech startup is still developing its partner network, Asay said he expects Gazzang's recent work with OpenStack to help 10gen and other technology vendors.
"While MongoDB comes with advanced security built in, Gazzang's advanced encryption has proved to be a key component in a number of customer applications," Asay said.
Bob Bardwell, business development manager at Rackspace, a Windcrest, Texas-based open cloud hosting company and a Gazzang partner, said that it was encouraging to see the company offer a solution that's compatible with OpenStack and Rackspace, which allows for a "more closely aligned partnership" with Gazzang.
"This announcement is a great testament to the belief in OpenStack, and we're excited to continue working with Gazzang through our Cloud Tools program," Bardwell said.
NEXT: Key Management, The Other Piece Of Security
The data security company's twofold focus also includes key management for encrypted files, which Gazzang's Tishgart said is just as vital an aspect of security, but one with which many companies struggle.
"Gazzang enables companies to take the key and put it on a different server than the information is on," Tishgart said. "If somebody gets ahold of that key, then they can decrypt that data and all the protection you put on it. It's the other piece of the puzzle ... that's the secret sauce that Gazzang provides."
Jarrett Raim, cloud security product manager at Rackspace, said that Gazzang offers good options in terms of key management.
"There's a lot of cases where customers want their keys to be owned by someone other than the owner of the data," Raim said. "If you put the encrypted data on a different server than the key, it's a little bit more secure, a little bit safer."
A market differentiator for Gazzang's latest security announcement is its support of OpenStack, Raim said.
"Part of the goal of open source and OpenStack is to allow any provider that wants to bring something to the community to do that," Raim said. "This is opposed to the closed model, where users don't have that kind of access."
What sets Gazzang apart, according to Tishgart, is its software-based support that can be loaded onto a server, rather than requiring a box or other on-site hardware. "Other companies rely on hardware, so there's some sort of appliance," Tishgart said. "Gazzang is 100 percent software, which is really cool because it enables us to work in the cloud. These other encryption, key management providers don't work well with Amazon, Rackspace, OpenStack and some of the key cloud vendors that enterprises are starting to go to now."
10gen's Asay said he's found that, in general, software-based encryption provides flexibility, while hardware-based encryption allows for better performance.
"Customers will decide which approach is best for them," Asay said. "We have found Gazzang's approach to be a valuable addition to our partner ecosystem and believe it will also help customers looking to add security to their OpenStack deployments."
PUBLISHED JULY 19, 2013