The product of the startup is a virtual appliance, deployed on a company server, which will transform on the fly and seamlessly sensitive information transmitted and received since the application hosted in the clouds , and thus making them unusable outside the "walls" of the organization. To take one example, when a user enters the name of a client application (via its web browser), it is converted by the appliance a string of meaningless characters before being sent to servers and, conversely, when the user accesses the client (still in their browser), the reverse conversion is applied to restore the original name.
Two types of transformations are proposed: either the data encryption (using "keys" which are confined to internal servers) either the " tokenization", which involves managing correspondence tables between the data "real" (which thus remain inside the company) and those actually recorded in the application. This latter method, more cumbersome, not only helps protect sensitive information but also to respect the regulations in force in some areas that prohibit their "export" outside the borders.
The principle of CipherCloud solution is not as simple as it sounds because it must operate without any change in applications , and therein lies the expertise society. For example, the functions of sorting, searching or selection available in most software should be preserved, even on the figures or "tokenisées.
CipherCloud announces the availability of its solution for March, first for the platform of CRM (Customer Relationship Management ) SalesForce. As recalled in an article ComputerWorld, society is not alone in this niche : Vormetric has recently unveiled a similar system for the cloud Amazon, while Voltage Security Navajo and Systems were also positioned. This multiplication of actors is the natural response to the expectations of many customers and specialists Cloud (Amazon and Salesforce head) do not hesitate to promote it among their prospects hesitant ...
All these solutions offer a compelling case indeed to enjoy the benefits of cloud without having to assume all risks. However, we must not lose sight that they are not without flaws . First, they have a cost (5 to 20 USD per user for CipherCloud). Then, they need infrastructure internal, sometimes heavy (especially in the case of the "tokenization"), he has to manage and administer. Finally, they reduce the flexibility, for example by banning mobile access "simple" applications.
All these parameters must be taken into account before launching. But there is no doubt that the equation will remain favorable cloud in many cases ...
0 comments:
Post a Comment