Welcome!

Microsoft Cloud Authors: Pat Romanski, Jnan Dash, Andreas Grabner, Lori MacVittie, Jim Kaskade

Blog Feed Post

Porticor Enhances Microsoft SQL Server Encryption with Cloud Key Management Security for Complete Database Protection

Porticor Virtual Private Data System Leverages Software-Defined Key Management to Eliminate Complexities and Risks Found in Traditional Hardware Encryption Security Modules

CAMPBELL, Calif. – Aug. 5, 2014 – Porticor®, a leading cloud data security company delivering the only cloud-based data encryption and key management solution that infuses trust into the cloud and keeps cloud data confidential, today announced that it supports Microsoft SQL Server Transparent Data Encryption (TDE), securing Microsoft’s database in cloud infrastructures with its Porticor Virtual Private Data (VPD).

Porticor’s software-defined key management solution eliminates risks surrounding storing SQL Database Encryption Keys (DEK) on the database server, where they can be compromised or stolen.  Porticor integrated with Microsoft’s Transparent Data Encryption secures data through strong encryption, and also protects it from “root” access by administrators.  The Porticor solution supports virtual systems, and private and public clouds.

Storing the data encryption keys in Porticor’s key management service, Porticor’s MS SQL Server plugin is a small installable package that can be added to a running SQL Server database with minimal configuration through normal SQL statements.  The Porticor appliance is set up in minutes, and since it is a generic key management system it does not need to be configured to enable integration with a SQL Server.  Uniquely, due to Homomorphic Key Management and Split Key Encryption technologies, the solution provides both secure key storage and secure key caching with no hardware needed, combining high security with top performance.

“Since SQL servers often hold an organization’s most important information, they are a favorite target for attacks,” said Gilad Parann-Nissany, Porticor founder and CEO.  “Microsoft’s Transparent Data Encryption feature encrypts the database, but in cloud computing the question of encryption key management comes into play.  With Porticor, the DEKs are never stored on the SQL Server disk, are protected by a ‘split key’ method, and remain under control of the customer, eliminating the chance of the keys getting stolen or hacked.”

Microsoft created the Extensible Key Management (EKM) API to provide integration between the SQL Server and a Hardware Security Module (HSM) key management system or a software-defined key management solution, such as Porticor.  EKM supports Transparent Data Encryption to protect SQL Server data.  With Porticor’s EKM integration, the DEK is encrypted by an asymmetric key that never leaves the key management system, and is itself protected through Homomorphic Split Key Encryption. When the database is started, it authenticates into the Porticor virtual appliance and retrieves the DEK.  Since the DEK is never stored on the SQL Server’s disk, if the disk is ever removed and discarded, its encrypted tables cannot be decrypted.  In addition to wholesale database encryption, EKM and Porticor’s advanced API enable fine granular encryption of specific tables, database row, columns and records.

The Porticor Virtual Private Data system is the industry’s only solution combining data encryption with patented split-key encryption and homomorphic key management technologies to protect critical data in public, private and hybrid cloud environments.  Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, Porticor’s split-key encryption and homomorphic key management system is offered as the industry’s first cloud data protection service of its kind, delivering true confidentiality of data in the cloud by ensuring customer encryption keys are not exposed.

While other solutions require encryption keys to be manually managed for every disk, distributed storage or database record, or to be owned by a cloud provider, Porticor’s homomorphic split-key encryption technology eliminates both complexity and compromises.  Porticor restores key ownership to customers while automatically managing customer encryption keys with maximum security.  With homomorphic key management, the keys are protected at all times – even while they are in use.  Porticor protects the entire data layer stack, including virtual disks, distributed storage, databases, and applications.  It dynamically encrypts and decrypts virtual data whenever the application needs access, and delivers a key management system that is fully hosted in the cloud, yet offers the confidentiality, security and trust of a system that is hosted inside the datacenter.  Within minutes, customers can encrypt their entire data layer with the proven AES 256-bit encryption algorithm. For product release notes see https://pvkm.porticor.com/porticor-setup/release-notes.php.

About Porticor

Porticor is the leading cloud security company delivering easy-to-use and scalable security solutions for cloud data encryption and key management.  The Porticor Virtual Private Data (VPD) system is the industry’s first solution combining data encryption with patented split-key encryption and homomorphic key management to protect critical data in public, private and hybrid cloud environments.  Using breakthrough split-key encryption and homomorphic key management, the Porticor VPD is the only system available that offers the ease-of-use of cloud-based key management without sacrificing trust.  Porticor is an Amazon Web Services Technology Partner, a VMware Technology Alliance Partner, and an HP technology partner.  The company is headquartered in Tel Aviv, Israel, with offices in Silicon Valley, and is venture backed.  For more information, visit: http://www.porticor.com/.

###

The post Porticor Enhances Microsoft SQL Server Encryption with Cloud Key Management Security for Complete Database Protection appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

@ThingsExpo Stories
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, introduced the technologies required for implementing these idea...
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web co...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develop...
While not quite mainstream yet, WebRTC is starting to gain ground with Carriers, Enterprises and Independent Software Vendors (ISV’s) alike. WebRTC makes it easy for developers to add audio and video communications into their applications by using Web browsers as their platform. But like any market, every customer engagement has unique requirements, as well as constraints. And of course, one size does not fit all. In her session at WebRTC Summit, Dr. Natasha Tamaskar, Vice President, Head of C...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now ...
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Big Data engines are powering a lot of service businesses right now. Data is collected from users from wearable technologies, web behaviors, purchase behavior as well as several arbitrary data points we’d never think of. The demand for faster and bigger engines to crunch and serve up the data to services is growing exponentially. You see a LOT of correlation between “Cloud” and “Big Data” but on Big Data and “Hybrid,” where hybrid hosting is the sanest approach to the Big Data Infrastructure pro...
Businesses are struggling to manage the information flow and interactions between all of these new devices and things jumping on their network, and the apps and IT systems they control. The data businesses gather is only helpful if they can do something with it. In his session at @ThingsExpo, Chris Witeck, Principal Technology Strategist at Citrix, discussed how different the impact of IoT will be for large businesses, expanding how IoT will allow large organizations to make their legacy applica...
SYS-CON Events announced today that Catchpoint, a leading digital experience intelligence company, has been named “Silver Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Catchpoint Systems is a leading Digital Performance Analytics company that provides unparalleled insight into your customer-critical services to help you consistently deliver an amazing customer experience. Designed for digital business, C...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and E...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.