U.S. Patriot Act, Government Data Rules Drive Encryption Adoption

Printer-friendly version Email this CRN article

A myriad of compliance mandates and data governance rules is forcing some firms to implement encryption before the data is stored in a remote server, and at least one firm specializing in cloud encryption is finding growth in this emerging space.

Pravin Kothari, founder and CEO of San Jose, Calif.-based CipherCloud said his firm is building a strategy and managing the growth fueled by the need for greater transparency and the desire to maintain control of the data despite it being stored remotely. CipherCloud sells security gateways or a Web proxy that provides encryption and tokenization to data before it is sent to cloud-based applications such as Amazon AWS, Salesforce.com, Google Gmail and Microsoft Office 365.

The U.S. Patriot Act, which gives the U.S. government the ability to obtain data from cloud providers, is driving a lot of interest in data encryption, Kothari said. Other countries have similar rules allowing law enforcement to obtain data, but companies can control investigators' access if the data is encrypted and the firm holds the key.

[Related: Emerging Vendors 2012: Cloud Computing Vendors]

"We're seeing a lot of interest outside the United States," Kothari said. "They want the ability and, in some cases, need the ability to maintain a level of control, and encryption helps them do that."

Adoption of cloud services for sensitive data has been slow, but steady growth is anticipated over the next 18 months, said Paula Musich, principal analyst at Sterling, Va.-based Current Analysis. Musich said the challenge for firms like CipherCloud is to maintain growth, because many firms are consolidating systems to reduce the management footprint that exists for point security products. Firms like CipherCloud will be competing with well-established security vendors as the market matures, Musich said. Trend Micro, Symantec and other security firms are providing a variety of security controls, including encryption, for data in the cloud.

"There's been a tremendous amount of hesitation of moving mission critical applications to the cloud because of fear that the security isn't there," Musich said. "Cloud providers are not providing the security and transparency that enterprises are looking for, and enterprises don't have the confidence that it's going to change, but there's still tremendous pressure to move to the cloud."

NEXT: Funding, New Management Evidence Of Growth

Printer-friendly version Email this CRN article