While many organizations could save time and money by moving their email systems to the cloud, security is often a barrier. A new solution coming this spring offers data-in-use encryption technology that addresses data security, privacy, residency and regulatory compliance concerns associated with cloud-based application deployment.
Microsoft Exchange is one of those applications that IT people love to hate because of its complexity and the amount of time it takes to administer. Given an option, many Exchange administrators would love to offload their on-premise application to a hosted cloud solution. While enterprises could save time and money by moving their email systems to the cloud, security is often a barrier.
Migrating Microsoft Exchange to a cloud environment introduces significant regulatory compliance, data residency, and privacy risks that must be addressed. In addition, there are data control issues to overcome.
There’s a new solution coming to market this spring that specifically addresses the issues around hosting Microsoft Exchange 2010 in a private cloud. Vaultive Inc. offers new data-in-use encryption technology that provides an answer to the data security, privacy, residency and regulatory compliance concerns associated with cloud-based application deployment. Vaultive’s first product is an encryption engine that is customized for Microsoft Exchange and Office 365, but technically it can work with any applications hosted in the cloud.
Vaultive uses a patent-pending form of standard 256-bit AES encryption that protects the referential integrity of the data being encrypted, so the data can still be processed while it is in cipher form. The data can be searched, sorted, indexed, and used for reporting without first having to decrypt it.
Vaultive is an in-line encryption solution deployed as a software appliance on a virtual machine or on dedicated hardware. It can be deployed in a variety of places, such as at the corporate DMZ. Data generated by end users either behind the corporate firewall or while roaming is routed through the Vaultive proxy. The data gets encrypted and the cipher text is routed to the appropriate cloud application. While the data is in the cloud, it never has to be decrypted in order to be processed by the application. This protects the data from access by the cloud provider.
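The property described above, a provider matching a search against stored data without ever holding the key, can be illustrated with a keyed-token index. This is an added example, not Vaultive's patent-pending scheme, whose details the article does not give; the key, class and function names are hypothetical, and encryption of the message body itself is omitted.

```python
import hashlib
import hmac
import re
from collections import Counter

# Constructed demo key; in the article's design the key lives only on the proxy.
INDEX_KEY = b"constructed-demo-key-not-for-production"

def token(word: str, key: bytes = INDEX_KEY) -> str:
    """Deterministic keyed token for one normalized word (HMAC-SHA256)."""
    return hmac.new(key, word.lower().encode("utf-8"), hashlib.sha256).hexdigest()

def proxy_index(message: str, key: bytes = INDEX_KEY) -> list[str]:
    """Proxy side: turn a message into the token list sent to the cloud."""
    return [token(w, key) for w in re.findall(r"[A-Za-z0-9']+", message)]

class CloudStore:
    """Provider side (hypothetical): holds only tokens, never key or plaintext."""
    def __init__(self):
        self.mailbox = {}  # message id -> list of tokens

    def put(self, msg_id, tokens):
        self.mailbox[msg_id] = tokens

    def search(self, query_token):
        """Match a query token against stored tokens without any decryption."""
        return sorted(m for m, toks in self.mailbox.items()
                      if any(hmac.compare_digest(t, query_token) for t in toks))

    def token_frequencies(self):
        """What the provider can still observe: how often each token repeats."""
        return Counter(t for toks in self.mailbox.values() for t in toks)

def demo():
    store = CloudStore()
    # Constructed sample messages.
    store.put("m1", proxy_index("Merger term sheet attached"))
    store.put("m2", proxy_index("Lunch on Friday"))
    store.put("m3", proxy_index("Revised merger timeline"))
    hits = store.search(token("MERGER"))                     # proxy tokenizes the query
    wrong_key = store.search(token("merger", b"other-key"))  # no key, no match
    top = store.token_frequencies().most_common(1)[0]        # repetition is visible
    return hits, wrong_key, top

if __name__ == "__main__":
    print(demo())
```

Deterministic tokens like these support equality search only and expose repetition patterns to the provider, which is the leakage to ask about when evaluating any product that processes data in cipher form.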
The solution is designed to be transparent to end users. No software application or agent needs to be installed on user devices. All the work is done by the proxy software, which holds the encryption keys and the rules for routing data to the application(s) in the cloud.
Vaultive works natively with Microsoft Office 365 antivirus and malware solutions in the cloud, even as the data is stored in cipher form. When a user wants to send an email, the message goes from the user to the proxy server, where it gets decrypted and forwarded on to the recipient in clear text. Any messages and attachments stored in the in-box or other folders are encrypted for complete privacy and security. These actions are all transparent to the end user; he doesn’t have to do anything differently to benefit from the security solution.
The encryption keys are stored on the software appliance. They are themselves encrypted, and the appliance provides key management functions. The appliance contains a rule set for each type of application it must support; for example, CRM, HR, etc. Vaultive plans to support other types of applications besides Exchange and Office 365. Which applications will be supported depends on customers’ requests. Today Vaultive needs to set up the configuration and integration with various applications, but the company will eventually offer APIs and toolsets to allow customers to set up their own encryption service for cloud-based applications.
Certainly every company should consider how it can best control data going into the cloud. It’s an essential protection against hackers, a rogue employee of the cloud provider, and other deliberate actions that pose a risk. Vaultive offers a transparent solution that protects data-at-rest as well as data-in-use by specific applications.
Linda Musthaler is a Principal Analyst with Essential Solutions Corporation. You can write to her at LMusthaler@essential-iws.com.
About Essential Solutions Corp:
Essential Solutions (http://www.essential-iws.com) researches the practical value of information technology, and how it can make individual workers and entire organizations more productive. Essential Solutions offers consulting services to computer industry and corporate clients to help define and fulfill the potential of IT.