Maureen O'Gara

Porticor has fleshed out its security widgetry and figures it can now deliver the only system anywhere that can secure data in the cloud.

It does it with an algorithm that protects cloud data while it's stored and in use.

The two-year-old Tel Aviv company's next trick will be to protect the data while it's in motion.

The unique widgetry, said to offer higher protection than available to a physical data center, comes in Proticor's Virtual Private Data (VPD) system. It combines data encryption with the firm's patented key management and protects data stored in public, private and hybrid clouds.



See, traditional cloud encryption solutions give customer encryption keys to security vendors and cloud providers, creating the possibility of a breach. Porticor keeps encryption keys in the customer's control, unexposed to risk and not in the cloud. It solves the security issues surrounding data at rest in the cloud.

It works across virtual disks, databases, distributed storage and file systems. Porticor says IaaS and PaaS cloud users can create a secured environment in minutes while eliminating the need to trust a security vendor or cloud provider with their encryption keys.

The company has added homomorphic key encryption technology to the widgetry to keep the master keys fully encrypted and secure while being used to access cloud data.

It's the world's first commercial application of homomorphic encryption technology, and Porticor says "organizations can now fully trust that their cloud data is secure and cannot be compromised while stored or being accessed."

Homomorphic encryption lets mathematical operations be run on encrypted data. Porticor's patent-pending technology implements partially homomorphic encryption techniques for combining and splitting encryption keys. It enables the Porticor VPD system to give the application access to the data store without exposing the master keys in an unencrypted state. This also ensures that if a master key is stolen, it can still never be used to access a data store.

Porticor founder and CEO Gilad Parann-Nissany said that if a hacker did manage to penetrate the first server, that's as far as he could get.

The company says its homomorphic key-encryption approach is open to rigorous mathematical proof and cryptographic analysis under explicit and well-defined mathematical assumptions. See www.porticor.com/hkm-analysis.

The solution should increase cloud adoption especially by healthcare, media, manufacturing and financial services companies.

VPD, which includes Porticor's Virtual Appliance and its Virtual Key Management Service, is deployed in the cloud and managed from Porticor's customer portal.

It meets compliance regulations such as SOX, HIPAA, PCI DSS and GLBA, while also solving issues raised by EU Data Protection and the US Patriot Act.

Pricing starts at $65 a month per Porticor Virtual Appliance. See www.porticor.com/pricing-plans/.

The company is an official Amazon Web Services Solution provider, a VMware Technology Alliance Partner, and supports other clouds.