Vormetric has announced a new application encryption tool kit, which equips corporate IT departments with the ability to create and integrate encryption in their own applications. The new solution, called Vormetric Application Encryption, extends Vormetric’s data security platform with tools to encrypt data at rest within the enterprise and web applications, as well as cloud and big data environments.
Customers were asking for an application layer toolkit because they wanted to design encryption specifically into their applications, Vormetric’s CEO Alan Kessler told securitycurrent.com. “Customers are feeling pressure to increase the amount of data they protect in their applications,” he explained. “It’s clear that increasing regulatory agency requirements concerning privacy, security and compliance, are compelling organizations to protect more data at rest on their servers.”
In general, enterprises are eager to move more resources to the cloud, observed Garrett Bekker, an analyst at 451research.com. “But security concerns remain a major barrier to adoption. Encryption is one way to address those concerns as well as regulatory compliance mandates,” he said.
CEO Kessler said that Vormetric’s central platform will drive down overhead costs for customers as well. “Our one, central policy and management platform means customers don’t have to deal with multiple vendors and buy products piecemeal, or train up to work with different solutions, which all incur additional expenditures,” he said. “We’ve given them a single belly button to push.”
“The performance of Vormetric’s encryption at the operating system layer, just under the application layer, allows customers to integrate our encryption into their own applications,” added Sol Cates, Vormetric’s Chief Security Officer.
The toolkit includes key management, APIs, interfaces and sample code tools to encrypt data at rest within enterprise and web applications, as well as in the cloud and in big data environments. Cates said that the toolkit allows developers to design encryption specifically into their applications. Having a toolkit will reduce developer reluctance to deploy encryption that often requires the use of free open source libraries such as Crypto++ and Java Cryptography Extension (JCE).
Customers will be able to manage encryption of data at rest over extended periods of time, and encrypt specific database fields and customer specific data. So, for example, if a website asks someone to enter sensitive data such as a credit card or social security number, with Vormetric’s application encryption in place, the website owner can selectively encrypt that data as soon as it’s typed into the website fields before the data is communicated on the network. Another use is to encrypt usernames and passwords instead of the normal hash functions used by most applications.
The performance of Vormetric’s encryption at the operating system layer, just under the application layer, is what allows customers to integrate our encryption into their own applications, and create policy about data access as they wish ,” explained Cates. “This tool provides powerful control at the field level for encrypting applications interfacing with databases.”
Of course, competitors such as RSA and SafeNet, also provide application encryption libraries as part of their toolkits, said Cates. “However, these libraries rely on separate key management platform, and deep integration for each application. Vormetric’s Data Security platform allows for transparent or application encryption, with one interface that meets all the data security needs of our customers.”
Just as important as the encryption of the data is controlling access to the encrypted information. Vormetric’s policy management, associated with the application encryption tools, allows customers to determine who should have privileges to access specific data files or databases. The policy then provides monitoring of who accesses, or attempts to access, that data. When unauthorized requests for access occur, the requests are denied and alerts are generated about the unauthorized request.
Vormetric also announced today that it has integrated Intel’s Xeon processor E7v2 chip into its data security platform. The new Intel chip’s AES-NI encryption boosts performance dramatically compared to Intel’s previous generation processor. “Encryption is math,” said Kessler. “So having a faster math processor, so-to-speak, will improve the likelihood that the encryption itself won’t become a performance bottleneck.”
Kessler said that faster encryption can provide more easily managed, cost effective security, which also makes it easier for customers to meet their data security, privacy and compliance needs. “So our customers can get more miles to the gallon, so-to-speak,” said Kessler.
Gail Bronson is an accomplished technology journalist and security start-up entrepreneur. She was the Founding Managing Editor of Bloomberg and the Founding Editor of Forbes Science & Technology section and she held stints at other publications including U.S. News & World Report and Internet Week.