CAMPBELL, Calif., June 26, 2014 -- Porticor®, a leading cloud data security company delivering the only cloud-based data encryption and key management solution that infuses trust into the cloud and keeps cloud data confidential, today announced that its Porticor Virtual Private Data (VPD) system integrates with the new Amazon Web Services (AWS) S3 Server Side Encryption with Customer-Provided Keys (SSE-C) to help customers protect their data using a secure integration, provided by Porticor’s unique software-defined key management service.
AWS’ S3 SSE-C allows AWS users to create and manage their own keys for S3 Server Side Encryption, which previously required keys to be managed by AWS alone, enhancing the security of AWS S3 for storing sensitive data. However, following data security best practices of creating different encryption keys for each S3 object can create hundreds or thousands of keys for customers to manage.
With newly released AWS S3 SSE-C support, the Porticor VPD appliance serves as a secure source for crypto-grade random numbers required for cryptographic keys. It also enables customers to automatically store, manage, and retrieve the many keys required for each S3 object, securing cloud data and complying with regulations such as HIPAA and PCI which require encryption keys to be kept in customers’ control.
“AWS’s move away from managing encryption keys itself is a great validation of Porticor’s software-defined key management approach -- which lets customers maintain control of their encryption keys in a truly secure manner using a scalable and virtual service,” said Gilad Parann-Nissany, Porticor founder and CEO. “AWS is enhancing security to protect their customers’ data in the cloud, but AWS cannot take responsibility for ownership of customer data or the key management security mechanisms. As a result, customers were required to implement on-premise or cloud-based hardware security modules. In a cloud implementation, hardware concepts simply do not scale. Porticor provides the only software-defined, automated solution that uniquely meets this need, and eliminates the need for cumbersome, non-scalable, and expensive hardware security modules.”
The Porticor Virtual Private Data (VPD) system is the industry’s only solution combining data encryption with patented split-key encryption and homomorphic key management technologies to protect critical data in public, private and hybrid cloud environments. Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, Porticor’s split-key encryption and homomorphic key management system is offered as the industry’s first cloud data protection service of its kind, delivering true confidentiality of data in the cloud by ensuring customer encryption keys are not exposed. (continued...)