San Jose, Calif., November 15, 2012 – The vulnerability of emails and data stored unencrypted in cloud-based applications is a clear lesson to be learned, according to cybersecurity experts analyzing the facts behind investigations that led to the widely reported downfall of CIA Director David Petraeus.
Key conclusions from the extensive media reporting are that companies and government agencies cannot rely on cloud application providers alone, such as Salesforce.com, Google Gmail, or Microsoft Office 365, for data security and confidentiality of information stored in the cloud. Storing information unencrypted in the cloud leaves personal and business data at risk from cyber criminals, accidental leakage, and other threats.
In addition, the Petraeus case demonstrates how easy it is for law enforcement agencies to legally require cloud application providers to give them access to email and other sensitive data needed for criminal investigations, all without notifying the data’s owner.
“The Petraeus case serves as a wake-up call for executives at companies and senior officials at government agencies to take control of the data. There is no confidentiality of sensitive information in the cloud,” said Pravin Kothari, founder and CEO of CipherCloud. “It is essential that organizations encrypt their data before it’s sent to the cloud. That is the only way to ensure that information is not vulnerable to cloud threats, hackers and accidental leakage.”
An important distinction is that CipherCloud lets the organization who owns the data exclusively control the keys needed to decrypt the data. This approach ensures that emails or other data cannot be exposed, even through legal means without direct engagement with the data owner.
CipherCloud provides a cloud encryption gateway for leading cloud application providers including Salesforce, Google Gmail, Microsoft Office 365, and Amazon AWS . In addition, CipherCloud Connect AnyApp lets organizations implement encryption in hours for all public and private cloud applications and databases. CipherCloud’s encryption and tokenization offerings preserve data format and operations, including search and sort, while requiring no application changes or client software.
To learn more about CipherCloud, see how organizations are securing their information in cloud applications, view online product demonstrations, and request more information please visit www.ciphercloud.com.
CipherCloud is the market-leading provider of cloud encryption and tokenization gateways that enable enterprises to securely adopt cloud applications by eliminating concerns about data privacy, residency, security, and regulatory compliance. CipherCloud’s operations-preserving encryption and tokenization technology secures sensitive information in real time, before it's sent to the cloud, without impacting usability or performance, or requiring any change to the application. The CipherCloud Platform secures multiple cloud applications including Salesforce, Force.com, Chatter, Gmail, Office 365, and Amazon AWS. CipherCloud Connect AnyApp and CipherCloud Gateway can enable organizations to encrypt data for millions of public and private cloud web applications. Recognized by Gartner as a Cool Vendor in Cloud Security in 2011, CipherCloud is backed by premier venture capital firms including Andreessen Horowitz, Index Ventures, and T-Venture, the venture capital arm of Deutsche Telekom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.