OpenSSL warns vendors against using vulnerability info for marketing

Security advisories for OpenSSL should not be used for competitive advantage, according to the development project behind the widely used cryptography component.

The warning comes from the OpenSSL Project, which has published for the first time guidelines for how it internally handles security problems, part of an ongoing effort to strengthen the project following the Heartbleed security scare in April.

High severity issues such as remote code execution vulnerabilities will be kept private within OpenSSL's development team, ideally for no longer than a month until a new release is ready.

If an update is planned, a notification will be released on the openssl-announce email list, but no further information about the issues will be given, it said.

Some organizations that develop a general purpose OS that includes OpenSSL will be prenotified with more details about the patches in order to have a few days to prepare. But the OpenSSL Project warned that the more people that are notified in advance, the higher the likelihood that a leak will occur.

"We may withdraw notifying individual organizations from future prenotifications if they leak issues before they are public or over time do not add value (value can be added by providing feedback, corrections, test results, etc.)," it wrote.

If information on a vulnerability leaks, it makes it more likely that attackers may be able to figure out the software flaw and launch attacks before software products are patched.

The OpenSSL Project also advised that it is not acceptable for organizations to use advance notice in marketing as a competitive advantage. It objects, for example, to marketing claims such as "if you had bought our product/used our service you would have been protected a week ago."

OpenSSL has been undergoing an intense code review since the Heartbleed vulnerability was discovered in April. The flaw affected tens of thousands of websites across the Internet and many software applications.

OpenSSL is a cryptographic library that enables SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption. Most websites use either SSL or TLS, which is indicated in browsers with a padlock symbol.


Switzerland will host Edward Snowden, if he testifies against the NSA

The Swiss attorney general has said that whistleblower Edward Snowden can reside there if he responds to state requests for testimony against the US National Security Agency (NSA).

Snowden was the source of leaked documents and information relating to the US Prism programme and the UK Tempora takeaway. The Swiss attorney general said that the US would not be able to force extradition if the local government regards such a request as politically motivated.

A document provided to the Swiss Sunday newspaper Sonntagszeitung is titled, "What are the rules would apply to consider when Edward Snowden would [be] brought to Switzerland and then the United States would make a request for extradition", and it relates that the rules would allow the movement and repel the requests.

Speaking to the newspaper, Snowden's Swiss lawyer Marcel Bosonnet revealed that he is pleased with the results of the study, commenting that, "The legal requirements for safety are met."

Presently Snowden has a residency permit in Russia, and that was recently extended by three years. Snowden has been in Moscow for a year and a month now, after he arrived there from Hong Kong expecting to move to Cuba.

He has already provided testimony in Europe, and told assembled ministers that he knew that what he was doing was the right thing.

"I worked for the United States' Central Intelligence Agency. The National Security Agency. The Defense Intelligence Agency," he said. "I love my country, and I believe that spying serves a vital purpose and must continue. And I have risked my life, my family and my freedom to tell you the truth."


Couples Can’t Keep Their Hands Off Each Other’s Phones

By John P. Mello Jr. 09/08/14 3:49 PM PT

Worried about the NSA spying on your smartphone? How about online hackers? Truth be told, the greatest threat to your confidential information is a lot closer to you -- namely, your partner.

That's what a recent survey of more than 13,000 people in the United States revealed.

Avast last week reported its findings. Among them: The majority of women snoop on their men's phones just because they're curious, but a third of married women peek at their hubby's mobile to see if he's faithful.

Paranoia? Maybe not. Seven of 10 women who snooped on their partner's phone found evidence he was deceiving them. More than half the peeping men found such evidence about their women.

Once they had the goods, women were 20 percent more likely to confront their significant other with the incriminating evidence, Avast researchers discovered.

"It surprised us that people you trust would be checking your phone," said Jude McColgan, Avast president of mobile.

Much is made of elaborate schemes to break into someone's phone, but that's typically not a problem for a partner. Almost half the women surveyed (41 percent) and a third of the men (33 percent) said their partner's phone wasn't protected by a pass code.

"It's remarkable that people don't use their pass codes," McColgan told TechNewsWorld. "That's scary if you lose your phone, because you're essentially carrying a PC in your pocket, and all your information is wildly at risk."

In Fourth Amendment circles, advocates often refer to a "reasonable expectation of privacy."


Snowden shouldn’t be extradited to US if he testifies about NSA spying, says Swiss gov

Master spook blabbermouth Edward Snowden should be granted safe passage to and from Switzerland if he testifies about surveillance, the country's attorney general has reportedly said.

Last year, the one-time NSA sysadmin leaked files revealing some of the secret spying tactics of UK and US spooks.

Snowden currently has temporary residency in Russia, where he has been living for more than a year now.

According to two separate reports in Swiss newspapers Sonntags Zeitung and Le Matin published on Sunday, Snowden would not be extradited to the US if he stands as a "witness in criminal proceedings, or [appears] as part of a parliamentary inquiry" in Switzerland.

That's apparently the opinion of the country's attorney general, who expressed that view in November last year to help work out legalities relating to any potential visit from whistleblower Snowden.

The two newspapers reported the Swiss government law advisor's opinion, after viewing a confidential document.

The top Swiss lawyer added that any US efforts to extradite Snowden if he were to testify in Switzerland would be considered "political" and thereby rejected by authorities in the country.

Only "higher state obligations" could overrule that position, the AG reportedly added.

Snowden, meanwhile, has indicated that he is willing to testify in Switzerland. His Zurich lawyer Marcel Bosonnet was said to be pleased with the AG's comments. He was quoted by Sonntags Zeitung as saying "the legal requirements for [Snowden's] safe conduct are met."


Porticor and nScaled Deliver Secure and Compliant Business Continuity and Disaster Recovery …

Porticor Adds Software-Defined Encryption Key Management to nScaled's Leading IT BCDR Platform for Complete Protection of Replicated Data in the Cloud

CAMPBELL, Calif., and SAN FRANCISCO - Porticor and nScaled today announced the industry's first joint solution integrating software-defined homomorphic encryption key management to protect customers' cloud information and applications replicated for IT Business Continuity and Disaster Recovery (BCDR).

Porticor is a leading cloud data security company delivering the only cloud-based key management and data encryption solution that infuses trust into the cloud and keeps cloud data confidential. nScaled is a provider of automated, integrated IT Business Continuity and Disaster Recovery (BCDR) solutions.

nScaled's Disaster Recovery as a Service (DRaaS) platform replicates data, servers, operating systems and applications to protect and deliver critical IT services to users in case of a man-made or natural disaster, equipment failure or data loss. nScaled's DRaaS hybrid cloud solution ensures that replicas are up to date at all times, including both the data and the "virtual machine images" of the code that runs the applications. Forrester Research, Inc., named nScaled a Leader in The Forrester Wave: Disaster-Recovery-As-A-Service Providers, Q1 2014.

Porticor adds key management and encryption to nScaled's solution. Integrated into nScaled's physical and virtual appliance, Porticor encrypts the data store of each application backed up by nScaled's solution seamlessly and transparently. Porticor is also implemented on nScaled's cloud, ensuring that any data replicated to the nScaled cloud is also encrypted. The result is a multifaceted, data-at-rest and in-transmission encryption solution that protects information at the customer's data center and in the cloud.

"We are in the insurance business so clients share personal and account information about their employees with us," said Aatash Patel, IT Director at Covala Group, a leading enroller and administrator of voluntary, supplemental individual disability benefits for large employers. "With nScaled in place serving our disaster recovery needs, we needed a private cloud data encryption solution that was high performing and compatible with our VMware environment. Porticor has been our answer to protect clients' confidential information, and help us meet their compliance requirements. We spun up Porticor with nScaled in our cloud without any technical training, and support has been very helpful at both companies. I am very happy with what both vendors are doing together so far."

For a white paper on the partnership and joint solution now available, see http://www.porticor.com/porticor-nscaled-secure-dr/.

"Business continuity and disaster recovery have been one of the most successful services offered through the cloud model, and nScaled delivers the industry's leading automated and integrated solution," said Mark Jameson, VP of Worldwide Sales and Product Strategy at nScaled. "Together with Porticor we are providing the most secure and reliable Disaster Recovery as a Service (DRaaS) to protect customer's data and applications."

"Cloud providers, including providers delivering DRaaS, offer a 'shared responsibility' model for the security and protection of customer applications and data," said Gilad Parann-Nissany, Porticor founder and CEO. "Now that we have teamed with nScaled, customers can be assured that their applications and information will be available and safe from loss due to disasters and cloud data security threats."

Cloud data encryption provides an effective layer of protection against new cloud security challenges, including internal cloud data center threats, information protection in a shared environment, and compliance requirements which mandate that information be secured both on premises and in the cloud. The challenge is not in encrypting the data, but in managing the encryption keys. To provide secure cloud management of encryption keys for outsourced data center services to the nScaled cloud, Porticor uses a highly sophisticated and patented approach: split-key encryption and homomorphic key management.


@CloudExpo | PCI-DSS Encryption Requirements

Significant money is at stake and in need of protection in the Payment Card Industry (PCI). The global payment card industry covers several sectors: banks and financial institutions (acquirers), issuers, processors, service providers, merchants carrying out transactions online and via point of sale terminals in bricks and mortar stores, large and small.

PCI Security

The PCI Security Organization's Data Security Standard (DSS) applies to your business if you store, process or transmit cardholder data (CHD). The PCI supply chain is not an isolated entity. It needs to protect itself well beyond its own perimeter fences. This is because business entities also need to protect the billions of people every day that key in their Personal Identity Numbers (PINs) and other personal data as they trade or carry out transactions in store or over the Internet, from fixed and mobile devices using payment cards. Increasingly, commerce takes place via mobile devices over wireless networks, with the card itself rarely being physically present at the store.

As credit and debit cards are used more and more, checks are disappearing in many economies. In a mobile, electronic, global world, the payment card industry continues to grow. In May 2014, for example, £47.1 billion was spent in the United Kingdom on cards of all types (credit and debit), a 7.5% annual growth in spending over May 2013, at a time when the country's economy is a long way from recovery.

It's not surprising, therefore, that the payment card industry attracts people of malicious intent.

PCI-DSS Encryption Requirements

In this reality, if your business occupies any of the nodes in the payment card supply chain, you must comply with the 12 core requirements of PCI-DSS to keep perpetrators of payment card fraud at bay. You will need to ensure you have the same levels of protection, and thus of PCI-DSS compliance, in the cloud and in your data centers. In addition, you must make sure that all third-party service providers you use are fully PCI-compliant.

Several of the 12 PCI-DSS requirements are relevant for cloud security. However, on this occasion, we'll single out those sections of requirement number 3 which relate specifically to the protection of stored cardholder data. As you'll see below, you can comply with these requirements by using Porticor's data encryption and cloud key management system.

PCI-DSS Encryption: Requirement 3

Requirement 3.4, for example, states that you must make sure that Primary Account Numbers (PANs) are unreadable, wherever they are stored. Our solution ensures your compliance here thanks to strong hashing (SHA-2) and AES-256 encryption, augmented by robust encryption key management.

You must not tie decryption keys to user accounts, regardless of whether you encrypt at the disk, file or column level of the database, nor may the cryptographic key be accessible to the native operating system. Porticor's key management algorithm, which splits the key by default, assures your compliance on both points: the key stays independent of the OS, and of the administrators and service providers in your supply chain. In other words, access is limited to a very few custodians who must always act together rather than any one on their own, which satisfies requirements 3.5.1 and 3.5.2.
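One way to implement what requirement 3.4 and the split-key description above ask for, as an added example that is not Porticor's code or its patented algorithm: a two-share XOR key split (only an illustration of the "custodians acting together" idea) and AES-256-GCM for the stored PAN, using nothing beyond Go's standard library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// SplitKey splits an AES-256 key into two shares for two custodians. Each share
// alone is uniformly random; the key exists only while both are XORed together.
func SplitKey(key []byte) (shareA, shareB []byte, err error) {
	shareA = make([]byte, len(key))
	if _, err = rand.Read(shareA); err != nil {
		return nil, nil, err
	}
	for i := range key {
		shareB = append(shareB, key[i]^shareA[i])
	}
	return shareA, shareB, nil
}

// JoinKey reconstructs the key; neither custodian can do this alone.
func JoinKey(shareA, shareB []byte) (key []byte, err error) {
	if len(shareA) != len(shareB) {
		return nil, errors.New("share length mismatch")
	}
	for i := range shareA {
		key = append(key, shareA[i]^shareB[i])
	}
	return key, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptPAN renders a stored PAN unreadable (req. 3.4); nonce is prepended.
func EncryptPAN(key []byte, pan string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, []byte(pan), nil), nil
}

// DecryptPAN reverses EncryptPAN and rejects truncated or tampered ciphertext.
func DecryptPAN(key, ct []byte) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	n := gcm.NonceSize()
	if len(ct) < n {
		return "", errors.New("ciphertext too short")
	}
	pt, err := gcm.Open(nil, ct[:n], ct[n:], nil)
	if err != nil {
		return "", err
	}
	return string(pt), nil
}
```

In a real deployment the joined key lives only in memory for the duration of the operation and each share is stored with a different custodian, so neither the OS image nor a single administrator ever holds the whole key.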


SyncDog Announces Partnership with SafeLogic, Integrating CryptoComply to SyncDog Sentinel Product for Compliant …

Reston, VA (PRWEB) September 08, 2014

SyncDog, Inc., an industry-leading provider of enterprise mobility solutions, today announced a technology partnership with SafeLogic, a provider of innovative encryption products for applications in servers, workstations, appliances, and mobile devices. SyncDog, known for its SentinelSecure mobile security solutions, will feature SafeLogic's CryptoComply module at MobileCON, part of the Super Mobility Week expo in Las Vegas, September 9th-11th.

SyncDog's flagship product SentinelSecure provides mobile app containerization, active mobile server monitoring, mobile device provisioning and administration with end-to-end transaction monitoring. SyncDog has licensed SafeLogic's CryptoComply module for deployment on iOS and Android platforms, to provide FIPS 140-2 validated encryption in SyncDog's SentinelSecure container product. SyncDog will be taking orders for SyncDog SentinelSecure featuring CryptoComply at MobileCON in Las Vegas, with full integration for the combined product offering slated for October 1, 2014.

"FIPS 140 was established as a benchmark for encryption over 20 years ago, and it is now demanded by enterprise customers worldwide in addition to the government and military," said SafeLogic CEO Ray Potter. "The SyncDog partnership now provides wider distribution of a defense-grade secure mobile container to public and private industry, as well as local, state and federal government. We are proud to be a piece of the SentinelSecure solution."

"We are excited to be able to offer encryption that has been certified to the FIPS 140 standard," said SyncDog President and CEO Jonas Gyllensvaan. "We look forward to discussing this new development and other client work with our SentinelSecure product line at MobileCON in Las Vegas."

Gyllensvaan and Potter will be available to the media in the SyncDog booth (#7711) at MobileCON from 1:00-2:00 PM Pacific Time on Tuesday, September 9. A media advisory has been issued and can be accessed here for this editorial interview opportunity.

About SyncDog, Inc.

A mobile workforce fueled by BYOD is fast replacing traditional computing as the most complex work platform for IT professionals to manage. IT shops are now forced to support platforms running outside of their standard networks creating a nearly insurmountable dilemma for maintaining service quality and security.

SyncDog, Inc. offsets this burden in a comprehensive solution that manages pro-active mobile device monitoring, mobile device security, mobile application containerization, and compliance reporting. Our flagship product SyncDog Enterprise Mobility Platform solves the mobility service & security dilemma that keeps IT staff in the dark about service disruptions and security issues caused by malicious and careless users. With SyncDog Enterprise Mobility, IT administrators have the enterprise visibility to be proactive with application delivery and security giving them the freedom to focus on driving revenue to the organization.

The mobile workforce is the new enterprise norm, and disruptions to mobile service delivery and system-wide security can be devastating to both revenue and reputation. SyncDog Enterprise Mobility is a powerful combination of low overhead and predictive intelligence for all of today's mobile platforms. Your network supports every transaction crossing it, and SyncDog helps you understand it. More info: http://www.syncdog.com.


Chef muscles up with Microsoft, Amazon

Chef, a popular open source software program for managing the configuration settings of servers, software and other IT components, now can reach deeper into the data center with the help of some intertwined services from Microsoft, VMware and Amazon Web Services (AWS).

Chef 12, released Monday, also comes with a new licensing model that should make it easier for customers to add or remove premium features.

The Chef IT automation software provides a way for administrators to write scripts, often called recipes, to configure and deploy a new piece of equipment or software. Recipes can be used to automate the management of large numbers of assets.

Since its initial release in 2009, Chef has been downloaded over 10 million times. It is used by companies such as Facebook, Hewlett-Packard, Rackspace, AirBnB and others.

To extend the capabilities of Chef, the company has leveraged resources offered by other IT vendors.

For instance, a backup copy of Chef can now be stored and run on AWS Elastic Block Storage (EBS).

Should the main Chef server go down, operations can shift to EBS. Organizations can set up copies of the Chef server in different geographic areas, for extra protection in times of disaster.

Eventually, Chef will also support block storage services from other cloud services as well.

A new replication feature allows users to synchronize configuration data across multiple Chef servers, which can provide a single set of policies across all the locations being managed by Chef.

"You could use a single Chef server as a central location for developing policies for configuration and management," said Colin Campbell, Chef director of patterns and practices.


A visual history of open source

September 08, 2014, 10:56 AM

The open source movement has brought good things to the lives of countless people around the world. But have you ever wondered how it all got started? Check out this infographic that walks you through the birth of open source in the 1950s to today's thriving open source world.

According to Piktochart:

From operating systems to development tools and programming languages to browsers and thousands of utilities and applications, Open Source has led the way. Now, discover the movement's history.

More at Piktochart

Image credit: InformIT

Hat tip: Arccore on Google+

Note that I've only included a small chunk of the infographic in the quote box above. Be sure to click through to see the entire thing. I think it's a great visual representation of how far open source has come over the years.

The infographic is based on five Wikipedia articles. Here are links to each of them if you want to enjoy some additional reading:

GNU Project
Open Source
Free Software Movement
History of Free and Open Source Software
Open Source Initiative

LibreOffice 4.0 versus Microsoft Office 2013

Technology Personalized compares LibreOffice 4.0 to Microsoft Office 2013, and finds that LibreOffice 4.0 holds its own against Microsoft's office suite.


U.S.-Israeli Plot to Kidnap Edward Snowden Foiled

AFP EXCLUSIVE: U.S.-Israeli Plot to Kidnap Edward Snowden Foiled


By Richard Walker —

A plot by the Central Intelligence Agency (CIA) and Israel’s Mossad to kidnap National Security Agency (NSA) whistleblower Edward Snowden was foiled by agents of Russia’s intelligence agency, the Federal Security Service (FSB).
