Porticor Enhances Microsoft SQL Server Encryption with Cloud Key Management Security for Complete Database Protection -- Porticor Virtual Private Data System Leverages Software-Defined Key Management to Eliminate Complexities and Risks Found in Traditional Hardware Encryption Security Modules
CAMPBELL, Calif., Aug. 5, 2014 -- Porticor®, a leading cloud data security company delivering the only cloud-based data encryption and key management solution that infuses trust into the cloud and keeps cloud data confidential, today announced that it supports SQL Server Transparent Data Encryption (TDE), securing Microsoft’s database in cloud infrastructures with its Porticor Virtual Private Data (VPD).
Porticor’s -defined key management solution eliminates risks surrounding storing SQL Database Encryption Keys (DEK) on the database server, where they can be compromised or stolen. Porticor integrated with Microsoft’s Transparent Data Encryption secures data through strong encryption, and also protects it from “root” access by administrators. The Porticor solution supports virtual systems, and private and public clouds.
Storing the data encryption keys in Porticor’s key management service, Porticor’s MS SQL Server plugin is a small installable package that can be added to a running SQL Server database with minimal configuration through normal SQL statements. The Porticor appliance is set up in minutes, and since it is a generic key management system it does not need to be configured to enable integration with a SQL Server. Uniquely, due to Homomorphic Key Management and Split Key Encryption technologies, the solution provides both secure key storage and secure key caching with no hardware needed, combining high security with top performance.
“Since SQL servers often hold an organization’s most important information, they are a favorite target for attacks,” said Gilad Parann-Nissany, Porticor founder and CEO. “Microsoft’s Transparent Data Encryption feature encrypts the database, but in cloud computing the question of encryption key management comes into play. With Porticor, the DEKs are never stored on the SQL Server disk, are protected by a ‘split key’ method, and remain under control of the customer, eliminating the chance of the keys getting stolen or hacked.”
Microsoft created the Extensible Key Management (EKM) API to provide integration between the SQL Server and a Hardware Security Module (HSM) key management system or a software-defined key management solution, such as Porticor. EKM supports Transparent Data Encryption to protect SQL Server data. With Porticor’s EKM integration, the DEK is encrypted by an asymmetric key that never leaves the key management system, and is itself protected through Homomorphic Split Key Encryption. When the database is started, it authenticates into the Porticor virtual appliance and retrieves the DEK. Since the DEK is never stored on the SQL Server’s disk, if the disk is ever removed and discarded, its encrypted tables cannot be decrypted. In addition to wholesale database encryption, EKM and Porticor’s advanced API enable fine granular encryption of specific tables, database row, columns and records.
The Porticor Virtual Private Data system is the industry’s only solution combining data encryption with patented split-key encryption and homomorphic key management technologies to protect critical data in public, private and hybrid cloud environments. Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, Porticor’s split-key encryption and homomorphic key management system is offered as the industry’s first cloud data service of its kind, delivering true confidentiality of data in the cloud by ensuring customer encryption keys are not exposed.
While other solutions require encryption keys to be manually managed for every disk, distributed storage or database record, or to be owned by a cloud provider, Porticor’s homomorphic split-key encryption technology eliminates both complexity and compromises. Porticor restores key ownership to customers while automatically managing customer encryption keys with maximum security. With homomorphic key management, the keys are protected at all times -- even while they are in use. Porticor protects the entire data layer stack, including virtual disks, distributed storage, databases, and applications. It dynamically encrypts and decrypts virtual data whenever the needs access, and delivers a key management system that is fully hosted in the cloud, yet offers the confidentiality, security and trust of a system that is hosted inside the datacenter. Within minutes, customers can encrypt their entire data layer with the proven AES 256-bit encryption algorithm. For product release notes see https://pvkm.porticor.com/porticor-setup/release-notes.php.
Porticor is the leading cloud security company delivering easy-to-use and scalable security solutions for cloud data encryption and key management. The Porticor Virtual Private Data™ (VPD) system is the industry’s first solution combining data encryption with patented split-key encryption and homomorphic key management to protect critical data in public, private and hybrid cloud environments. Using breakthrough split-key encryption and homomorphic key management, the Porticor VPD is the only system available that offers the ease-of-use of cloud-based key management without sacrificing trust. Porticor is an Amazon Web Services Technology Partner, a VMware Technology Alliance Partner, and an HP technology partner. The company is headquartered in Tel Aviv, Israel, with offices in Silicon Valley, and is venture backed. For more information, visit: http://www.porticor.com/.