SAN JOSE, Calif., Jan. 30, 2013 (GLOBE NEWSWIRE) -- "Chief information security officers and chief security officers
must resolve an array of complex security and regulatory data
residency issues when enterprises plan to store data in the cloud
or remote data centers," according to a new report published by
research company Gartner Inc. The research note, "Five Cloud Data
Residency Issues That Must Not Be Ignored," (1) recommends
enterprises take steps to assure the privacy of sensitive
information, achieve regulatory compliance and understand the
implications of data disclosure laws.
According to the authoring analysts, "even if the data is
encrypted and the keys are managed in a separate jurisdiction,
enterprises should be aware that requests for legal assistance,
based on bilateral agreements, may be executed between those
countries. However, in a well-architected system, the cloud
services provider does not have direct access to the keys. In this
way, if a legal request is made for access to the data, the
enterprise must be involved."
Many countries have passed national laws granting authorities
access to enterprise cloud data that may conflict with the legal
protection rights of data in the originating jurisdiction, leaving
companies wondering how secure their data is and how compliant they
are with regulations. Gartner's research helps enterprises
understand these risks and recommends they:
-- Consider deploying encryption
solutions if there are data residency concerns for data crossing
-- Ensure that privileged users in
cloud services providers are not granted access
-- Manage the keys locally to comply
with local privacy requirements
-- Ensure that the selected vendor
encryption products can provide the level of security, and
operate in the different storage environments and locations as
-- Use a documented key revocation and
We believe CipherCloud meets and exceeds these recommendations
and the Gartner report cites a CipherCloud customer as an example
of how companies are addressing the issues of data residency.
"We believe Gartner's analysts underscore the importance of
cloud encryption and self-ownership of the keys as essential to
confronting data residency risks no matter where the data is
stored," said Pravin Kothari, CEO of CipherCloud. "CipherCloud's
information protection platform ensures no one--whether it's law
enforcement, cloud provider system admins, or cybercriminals--can
access sensitive information under any circumstances without
contacting the data owner first."
The CipherCloud technology incorporates a number of
military-grade, AES 256-based format and operations-preserving
encryption schemes to protect cloud information. Encryption keys
are owned by the enterprise, ensuring that organizations retain
control over data in-transit, in-use, and at-rest in the cloud.
CipherCloud also uses content-aware encryption, which speeds
deployment and continues to break down privacy, residency,
compliance and security barriers to adopting cloud applications.
However, unlike previous approaches, with CipherCloud's
breakthrough encryption technology users enjoy native functionality
like search and sort with near zero-latency. This means that there
is no change to the user experience, even when using dynamic
encryption to enforce data loss prevention rules.
(1) Gartner, Inc., "Five Cloud Data Residency Issues That Must
Not Be Ignored," December 26, 2012, Research report G00246143,
Brian Lowans, Neil MacDonald and Carsten Casper
CipherCloud, the leader in cloud information protection,
provides cloud encryption and tokenization gateways to enable
organizations to securely adopt cloud applications by eliminating
concerns about data privacy, residency, security, and regulatory
compliance. CipherCloud's groundbreakinggateway encrypts sensitive
information in real time, before it's sent to the cloud, using
operations-preserving encryption and tokenization technology
without impacting usability or the application in any way.
The CipherCloud product portfolio supports popular cloud
applications out-of-the-box such as Salesforce, Force.com, Chatter,
Google Gmail, Microsoft Office 365, and Amazon AWS. Additionally,
CipherCloud Connect AnyApp and Database Gateway enable
organizations to extend data protection to hundreds of third-party
cloud and private cloud applications and databases.
CipherCloud is backed by premier venture capital firms including
Andreessen Horowitz, Index Ventures, and T-Venture, the venture
capital arm of Deutsche Telekom. For more information, visit
www.ciphercloud.com and follow us on Twitter @ciphercloud.
CONTACT: Deb Montner
Montner & Associates, Tech PR
dmontner AT montner.com