- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
Network World - If you ask IT execs why they're hesitant about moving to the public cloud, security comes up at the top of the list. But security vendors are responding to these concerns with a raft of new products. Here are four interesting cloud security tools that we tested.
Digital Persona's ProWorkgroup SaaS is a cloud security tool that automatically encrypts hard drives on end user PCs and laptops.
GlobalScapeMIX delivers a secure FTP service in the cloud.
NetIQ Cloud Security Service provides a secure proxy for logging into SaaS apps, like Google Apps and Salesforce.com. And CloudPassage embeds a security monitoring and policy enforcement tool into online cloud instances.
Most of DigitalPersona's work has been in bio-authentication — fingerprint readers and their associated security components. But in July, DigitalPersona launched Pro Workgroup SaaS, a cloud security product that provides hard disk encryption for Windows machines.
While the product had been targeted at OEM systems makers (HP is one), it's available now via SaaS (and also as a local server appliance.) We liked it, although that fact that it's currently compatible only with Windows is a drawback.
Developed with an eye towards small/mid-sized organizations, DigitalPersona does something complex, yet simple: it pushes a policy to Windows machines that initiates encryption, manages the keys, then uses its driver app to populate a server database of metrics for reporting purposes.
For some organizations, systematic disk encryption is a critical capability. In a world where laptop/notebook disk losses or thefts can spawn huge liability and costly post-loss processes, DigitalPersona believes that its AES-256 encryption coupled to a full audit trail (the machine phones home every 90 minutes or so with a status) is crucial.
Sensitive data is ostensibly protected; we feel the technique used is strong.
While DigitalPersona's methodology sounds great, there are some issues that DigitalPersona claims to be addressing in future releases. First: it is Windows and Active Directory only. Secondly, it's hosted on Amazon Web Services, which will be fine for some organizations, and not for others because of perceived problems with AWS, including outages and security.
DigitalPersona is also available as a server appliance, but when used in this way, backups and application security is up to an organization's own auspices, responsibilities, and policies.
Finally, it does the internal drive, and not removable drives or drives not on the same controller. It's not a complex application, and we could not break it or thwart it.
We found the steps needed can be divided into three areas: setup the initial server and users, get the policies pushed and the drives encrypted, then deal with the aftermath of servicing users who forget their password.
The drill is that you install (in the case of the appliance), or log onto a pre-generated website obtained from DigitalPersona, then setup groups and users according to AD membership. Then you build a policy file; deliver the file to end users via email, text, flash drive, whatever.