In use in-house, company will offer encryption-as-a-service to defense, intell community
Exceptional Software Strategies is planning to offer encryption-as-a-service to the defense and intelligence community, helping agencies to protect data in private clouds.
Exceptional Software is using technology from CipherCloud to securely move its own customer relationship management system and e-mail to the cloud. However, as a provider of IT solutions and services to federal, state and local government agencies – many of them in the defense and intelligence arena – the company wants to offer those agencies CipherCloud encryption technology for use in private clouds, said Barry Budish, vice president of strategic development with Exceptional Software Strategies.
“Encryption is the common foundation for data security in defense and intelligence services. However, the lack of encryption to easily blanket public and private clouds is a tremendous barrier,” said Bob Flores, previously CTO at the CIA and now president of Applicology, an IT consulting firm.
Can the cloud really keep a (government) secret?
CipherCloud encrypts data across multiple cloud apps
CipherCloud’s encryption gateway can secure data across borders and clouds without changing architectures. This opens the door for the defense industry to use public clouds while meeting stringent security requirements such as those related to the International Traffic in Arms Regulations for handling sensitive data, which is enforced by the State Department, Flores noted.
"We evaluated a number of products, but [CipherCloud] allows the data owner to own the key as opposed to a vendor or third party,” Budish said. “Not only do you improve security, but you hold the keys, not somebody else,” he said.
The company is using CipherCloud for Salesforce and CipherCloud for Microsoft Office 365.
CipherCloud's encryption gateway secures sensitive data in real time across multiple cloud applications without affecting functionality or performance. The CipherCloud Platform secures multiple cloud applications including Salesforce, Force.com, Chatter, Gmail, Office 365 and Amazon Web Services.
The technology includes strong encryption, tokenization, activity monitoring and malware detection. The company recently unveiled Connect AnyApp, which encrypts data in transit, in use and at rest for public and private cloud Web applications.
CipherCloud also introduced a new version of its gateway on September 13. Gateway 3.5 dynamically enforces content-aware encryption policies and supports the latest mobile touch applications for CipherCloud’s growing list of encryption and tokenization-ready cloud applications, company officials said.
With content-aware encryption, the CipherCloud Gateway is configured with policies to identify sensitive data and automatically encrypt one or more fields.
Transparent encryption through the CipherCloud gateway allows enterprises to provide broad access to mobile applications and devices, including HTML5 applications like Salesforce Touch, along with other e-mail and collaboration applications on Android, Research in Motion BlackBerry, Apple iOS, and Microsoft Windows Phone devices, officials said.
Rutrell Yasin is senior editor for Government Computer News. Follow him on Twitter: @Yasin36.