Every Cloud Needs a Silver Lining

Gilad Parann-Nissany

Subscribe to Gilad Parann-Nissany: eMailAlertsEmail Alerts
Get Gilad Parann-Nissany: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: CEOs in Technology, Cloud Computing, SOA Best Practices Digest, Compliance Journal, SOA & WOA Magazine, SOA in the Cloud Expo, Virtual Application Appliances, Java in the Cloud

Blog Post

Cloud Security and Encryption

Q&A with Porticor CEO Gilad Parann-Nissany

As security within the cloud continues to be one of the top concerns for many companies and end users, cloud-based data security provider Porticor has officially launched its Porticor Virtual Private Data System service to ensure that customers’ data stored in the cloud is fully secure.

The Porticor VPD system is comprised of Porticor Virtual Appliance and the Porticor Virtual Key Management Service to deliver high level of data privacy in a public environment for data protection, as well as being compliant with regulations like SOX, HIPAA, PCI DDS and GLBA.

Unlike other competing cloud encryption solutions on the market that place customers’ encryption keys in the hands of the security vendor or cloud providers, Porticor’s Virtual Key Management service allows customers to take complete control of the encryption key.

In advance of the company’s official launch on Wednesday, Porticor Cloud Security CEO and founder Gilad Parann-Nissany discussed in an email interview how its VPD system backed by its homomorphic split-key encryption technology works to ensure that data stored in the cloud remains completely secure.

WHIR: Explain how homomorphic split-key encryption technology works to ensure the privacy of data in the cloud?

Gilad Parann-Nissany: Lets’ define the challenge, first. Customers want to both have their cake and eat it: they want security and they want to enjoy the flexibility offered by modern clouds. Let’s demystify the terms “split key” and “homomorphic”. To understand “split key”, think about a bank safe that has two keys, one is held by the customer (call it the “master key”) and another is held by the banker. The advantage is that, if the master key is stolen, the banker will still protect your secrets; and yet the banker is unable to view the secrets in the safe since he does not have the master key. Bankers have been doing that for hundreds of years, only now we bring such an approach to the cloud with some cool technology.

In business terms, this means that neither Porticor nor the cloud provider know the customer keys, leaving control in customer hands. “Homomorphic” capabilities will make this split-key approach even stronger.  Homomorphic encryption allows keys themselves to be encrypted, and to be used and managed without ever having to decrypt them. This is attractive for cloud users – it guarantees their keys remain private in the cloud, unknown to cloud providers, security vendors and hackers. This patented approach is available for the first time as the Porticor Virtual Private Data system.

WHIR: How long has this been in the works for?

GPN: We have been working on this since 2010. We have gone through a beta process and have worked with several corporations, ranging from smaller enterprises to Fortune 1000 companies.

WHIR: How is Porticor’s key encryption security solution more effective than other security solutions?

GPN: Porticor’s solution allows the customer to enjoy the benefits of the cloud to the full, because it works totally in the cloud of the customer’s choice. Yet the customer keeps their data and keys totally secret, they share them with no one. Porticor’s approach is literally the only one on the market that meets both of these customer requirements. In business terms, the customer can outsource to the cloud the complexity of the security solution, and yet keep to themselves the confidentiality of their data.

WHIR: Is this something that Porticor is offering to service providers?

GPN: Porticor is available both directly as a service to cloud users, as well as offered to service providers, who’d like to leverage data security as an added value service they pass to their customers. A service provider deploying Porticor can provide confidentiality to their own customers by allowing their customers to define their individual encryption policy.

WHIR: Who are some of Porticor main channel partners?

GPN: We are an official solution provider of Amazon Web Services and a Red Hat partner.

Originally posted on thewhir.com (WEB HOST INDUSTRY REVIEW)

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.