(Originally posted by Virtual Strategy Magazine here)

VSM: It’s been a while since we’ve spoken, not since Q1 around Porticor’s company and initial product launch. What has the company been up to?

GPN: Thank you for asking. Porticor has been growing on the customer and partner front, and working hard on product innovations, which is why we are talking today. Since our launch we have signed key partnerships, including with Amazon Web Services, VMware, and HP. Customers and the industry continue to validate our solution, and Porticor this year has won some significant industry honors, including being named as the Most Innovative Company of the Year by the Stevie Awards Program.

VSM: And you have a new major release with the Porticor Virtual Private Data security solution? Can you tell us about it?

GPN: Yes, we have extended the functionality of the Porticor Virtual Data system to now protect and keep confidential the encryption keys while they are in use, further protecting data in virtual and cloud environments. As a result, we are helping to assure organizations that they can trust their virtual and cloud data to be safe.

VSM: How is this different than what Porticor previously released to protect organizations’ private data stored in virtual and cloud environments?

GPN: Porticor’s new release protects the encryption keys while in use, and previously the solution protected only data at rest. Specifically, the earlier solution introduced the industry to our patented split-key encryption technology, which protects data encryption keys while they are stored (at rest) by keeping the keys safely in the hands of the customer, not the security vendor or cloud service provider. We have now added the additional security assurance to protect the encryption keys even while in use.

VSM: What are the new use cases that can now be achieved securely in the cloud, and why?

GPN: With this new solution, there are many new private cloud and public cloud use case applications that open up. For example, a virtual bank service that must segregate and encrypt users’ data can now fully benefit from a virtual environment using this solution. Using Porticor, the ISV can now provide a secured virtual bank service while using a public cloud infrastructure. The ISV does not trust anyone but itself with the encryption keys and provides trust and control to its end users, while knowing the most sensitive data – its encryption keys – are secured while at rest and while in use.

VSM: Aren’t there current solutions already available addressing these issues?

GPN: No solution available keeps data encryption keys securely in the hands of the customer; and specific to Porticor’s new release, no solution available protects encryption keys while they are in use to fully secure virtual and cloud data. This is because of an innovation Porticor has rolled out which is the industry’s first commercial use of a highly technical mathematical algorithm called partially-homomorphic encryption technology.

VSM: Can you describe homomorphic technology, and how it’s used to protect virtual and cloud data?

GPN: Homomorphic encryption is a technique that enables mathematical operations to be performed on encrypted data. Porticor’s patent-pending technology implements partially homomorphic encryption techniques for combining and splitting encryption keys. It enables the Porticor VPD system to give the application access to the virtual and cloud data store without exposing the keys in an unencrypted state. This also ensures that if a master key is stolen, it can still never be used to break the entire virtual and cloud data store.

VSM: What is different about your solution? Why is this important?

GPN: Porticor’s system is the industry’s first data protection service delivering true trust to virtual and cloud environments by ensuring customer encryption keys are never exposed, either at rest (stored) or in use. Porticor is also the only data protection system that delivers data security across virtual disks, databases, distributed storage and file systems. This is important because Porticor solves the remaining obstacle to trust in the cloud – protecting the entire data store while keeping the encryption keys secure at all times.

VSM: What are some of the other benefits of this new technology?

GPN: With a lack of trust in the cloud, organizations are inhibited from fully leveraging the well-known business benefits the cloud has to offer. Now, organizations can benefit from the latest in cloud encryption technology from Porticor to leverage the benefits of the cloud, all with full confidence that their data will remain confidential, while maintaining compliance and the highest levels of cloud security. Being fully secure, Porticor also helps organizations meet compliance requirements for regulations such as SOX, HIPAA, PCI DSS, GLBA, EU Data Protection and the US Patriot Act, in these virtual and cloud environments.

VSM: What can we expect to see from Porticor in 2013?

GPN: Porticor’s unique technologies are essentially a “root of trust” for private and public cloud users. During 2013 we expect to continue strong growth with customers in industries like Finance, Health, Insurance, Media and Manufacturing. This allows them to adopt private and public clouds while being defended against a significant variety of threats.

VSM: It’s been great chatting with you today. Anything else you’d like to share about the state of virtualized data protection or the new Porticor solution?

GPN: This is the first commercial application of this type of homomorphic key encryption technique, and I know that many are unfamiliar with it. Porticor’s approach is unique in that it is open to rigorous mathematical proof and cryptographic analysis under explicit and well defined assumptions. For example, Dr. Alon Rosen, a Cryptography expert from the School of Computer Science at the Herzliya Interdisciplnary Center, has independently performed rigorous analysis, resulting in a proof that the approach and its associated protocols “securely realize the intended functionality.”

The post Interview with Gilad Parann-Nissany of Porticor appeared first on Porticor Cloud Security.