CipherCloud Encryption Drives Enterprise Cloud Database Adoption

CipherCloud Database Gateway is Industry’s First Encryption Gateway for Cloud-based Databases

SAN JOSE, Calif., September 27, 2012

CipherCloud, the leader in cloud encryption, introduced today CipherCloud Database Gateway that encrypts data-at-rest for leading cloud-based database systems without requiring application, schema, or database infrastructure changes that are either difficult and expensive or impossible. Supported databases include IaaS, SaaS, and PaaS systems such as Amazon RDS, Microsoft SQL Azure, Oracle Database Cloud Service, and database.com, as well as millions of existing private cloud and behind-the-firewall database installations of Oracle Database, Microsoft SQL Server, and MySQL. Enterprises can easily secure data stored in database systems with simple configuration, finally eliminating the data privacy, residency, compliance and security barriers to moving enterprise production databases to the cloud.

With CipherCloud Database Gateway, application developers, business analysts, database administrators, or system administrators simply specify database columns and rows to be encrypted or tokenized.  Like all other CipherCloud encryption gateways, there are absolutely no application, cloud, database, or infrastructure changes required. Enterprises can select from multiple encryption and tokenization options that preserve data format and operations, including search, sort, and indexing.

CipherCloud Database Gateway is the latest addition to the CipherCloud Platform that provides cloud encryption across the enterprise. The CipherCloud Platform reduces the complexities of protecting business data by enabling organizations to quickly deploy and manage encryption across multiple cloud applications with a single system, saving time and money.

The Breakthrough

Before CipherCloud Database Gateway, cloud database encryption required changing infrastructure, relying on a cloud service provider, or spending an extensive amount of time and money on custom development. These options left database encryption keys in the hands of the cloud provider or other organizations, thus failing to meet data privacy, residency, and compliance requirements of regulators and auditors.

CipherCloud Database Gateway, the industry’s first encryption gateway for cloud database systems, eliminates the data privacy, residency, compliance, and security barriers that have held back deployments. Now millions of public and private cloud databases along with those behind-the-firewall can be secured with patent-pending format and operations preserving encryption and tokenization simply by setting a policy in the CipherCloud Web-based administrator’s console. Once a database gateway is configured and encryption policies enabled, data inserted, updated, or searched is automatically encrypted and decrypted on-the-fly.

“Major enterprises run hundreds, even thousands, of production database systems. The cloud’s elastic performance and storage makes it compelling for enterprises to migrate databases to the cloud. But data privacy, residency, security and compliance concerns are holding enterprises back,” said CipherCloud Founder and CEO Pravin Kothari. “Once again CipherCloud is extending our industry leadership and now opening the door to cloud databases with another industry first: an amazingly easy-to-deploy high-performance gateway encryption system for millions of compatible cloud and behind-the-firewall databases.”

Key benefits of CipherCloud Database Gateway include:

  • Remove Data Security, Residency, Privacy, and Compliance Barriers: CipherCloud offers enterprises the choice of using format and operations preserving encryption or tokenization for leading IaaS, SaaS, and PaaS databases as well as millions of behind-the-firewall database systems.
  • Preserve Enterprise Control Over Cloud Data: Secure key management, with keys owned by the enterprise and standard AES-256 encryption, ensure organizations retain control over data in-transit and at-rest in the cloud.
  • Deliver Complete Database Functionality: Unlike previous approaches to integrating encryption, database applications now retain native functionality like search, sort, and indexing with CipherCloud’s format and operations preserving encryption and tokenization. There are no changes required for application developers or database administrators, even when using on-the-fly context-aware encryption policies to enforce data loss prevention rules.
  • Reduce the Cost of Securing Enterprise Clouds: Now millions of databases can quickly and easily use data-at-rest encryption or tokenization without any programming or impossible infrastructure changes. The CipherCloud Platform provides a single cloud encryption platform for securing all cloud applications. Gartner forecasts that cloud encryption will be used by more than 25 percent of enterprises in 2016, up from less than 1 percent today, and will reduce the cost of securing the cloud by 30 percent.

To learn more about how CipherCloud is revolutionizing encryption, see product demos, and request more information, please visit www.ciphercloud.com.

Example Use Cases

Common use cases for CipherCloud Database Gateway include:

  • Health Insurer Moving to Oracle on Amazon RDS: A U.S.-based cloud is moving 10 different Oracle database systems to Amazon RDS. Amazon will allow the insurer to quickly scale storage and focus on new application development rather than datacenter operations. Applications accessing the Oracle databases in Amazon RDS will run from both inside the insurer and Amazon EC2. While Amazon’s cloud strengthens the layered network defenses compared to the organization’s own security systems, Amazon does not sign Business Associates Agreements (BAA) necessary for HIPPA/HITECH compliance. To ensure compliance, the insurer is using CipherCloud Database Gateway. No modification to existing applications was necessary and the organization can easily demonstrate control over encryption keys and encrypted data stored in Amazon RDS.
  • State Criminal Justice Agency Moving Criminal Records to the Cloud with Windows Azure SQL Database: A western U.S. state is migrating its criminal records system to the Windows Azure SQL Database system. The updated application will be available to authorized police from both browser and mobile device applications. However, under CJIS (Criminal Justice Information Services) requirements for law enforcement, the agency must ensure that only authorized individuals with full background checks can access the agency’s systems. This level of control is not possible using the standard Windows cloud system, so the agency is using the CipherCloud Database Gateway to encrypt data stored in Microsoft’s cloud. Encryption is performed in the agency’s remaining data center and only it has access to the encryption keys. This provides the agency assurance that only vetted and cleared individuals can access criminal justice systems and data stored in the Azure cloud.
  • Financial Services Organization Running Legacy Sybase Application Behind the Firewall: A global bank headquartered in the UK with IT operations in London and New York became concerned that database administrators (DBAs) could access sensitive client data. The desktop and Windows server applications were developed 10 years ago and are maintained on previous versions of Sybase databases. Using CipherCloud Database Gateway, application support staff simply swapped JDBC drivers and configured centrally-managed encryption policies.  Now, not even DBAs can have access to information. Furthermore, the bank did not need to update, acquire, or deploy new applications or database technology.

About CipherCloud

CipherCloud is the market-leading provider of cloud encryption and tokenization gateways that enable enterprises to securely adopt cloud applications by eliminating concerns about data privacy, residency, security, and regulatory compliance. CipherCloud’s patent-pending operations-preserving encryption and tokenization technology secures sensitive information in real time, before it’s sent to the cloud, without impacting usability or performance, or requiring any change to the application. The CipherCloud Platform secures multiple cloud applications including Salesforce, Force.com, Chatter, Gmail, Office 365, and Amazon AWS. CipherCloud Connect AnyApp enables enterprise to encrypt data for millions of public and private cloud web applications. Recognized by Gartner as a Cool Vendor in Cloud Security in 2011, CipherCloud is backed by premier venture capital firms including Andreessen Horowitz, Index Ventures, and T-Venture, the venture capital arm of Deutsche Telekom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.