Software Monetization Featured Article

SafeNet Introduces Encryption-as-a-Service

December 04, 2014

It is no secret that ever since the cloud became the place to move that its security capabilities have been questioned, and many say have posed an obstacle to even faster migration of enterprise functionality to the cloud.  While the skepticism seems unjustified since it can be argued as well as demonstrated that in many ways the cloud is actually safer than many legacy on-premise systems, this is not to say said concerns are totally unjustified. They are not. 

No security solution is completely failsafe, but the best are amazing deterrents and certainly help in overall risk management.  However, there have been holes in the security safety business, and a rather interesting one has been filled with the recent announcement from data protection solutions provider SafeNet, Inc., with its new ProtectV for Cloud Service Providers.  This encryption solution, that joins the ProtectV portfolio, lets service providers deliver enhanced data protection and access control to their customers when storing their data in cloud and virtual environments.

Why is this a big deal?  The answer is that even conservative predictions are estimating that upwards of 70 percent of organizations will be using virtualization by the end of 2015. There have also been estimates that an even larger percent of new applications will be developed and tailored for the cloud and by extension for distributed use on fixed and mobile devices anywhere and at any time.  What this means is that the ability to secure all data that is both stored in the cloud and is there to be repeatedly accessed and moved makes it an imperative for service provider business models and enterprises' that data be keep safe all the time and that it be done so in adherence to the increasing number of compliance regulations.

"By adding the ability to offer encryption-as-a-service through SafeNet (News - Alert) along with our IaaS solutions, we are helping our customers move to the cloud with confidence," said Tomas Novak, CTO at Cloud4com.  "As a service provider, SafeNet ProtectV enables us to differentiate our offerings from other cloud providers, build greater relationships with customers, and create more revenue opportunities."

With service providers looking for monetization opportunities that establish them as important players in evolving cloud-centric ecosystems, ProtectV is designed to allow them to do just that. As SafeNet notes, it can be deployed into a customer environment as part of a service provider's Infrastructure-as-a-Service (IaaS) offering. Benefits include delivery of full encryption of virtual machines and storage volumes that customers can use to protect their data and segregate it from the provider and other customers. 

This capability addresses one of the concerns enterprises have about the cloud in terms of the perception that multi-tenant environments are less secure and controllable then dedicated ones.  ProtectV is designed to obviate those fears as it prevents unauthorized data access by enabling organizations to separate and control their information in multi-tenant environments, including public and hybrid cloud models.  In fact, ProtectV for Service Providers is available for Amazon Web Services (News - Alert) partners and VMware-based cloud platforms.

ProtectV Benefits

The SafeNet solution really does help service providers not just be in the game, but potentially be game changers.  Benefits of ProtectV for Service Providers cited by SafeNet include:

  • The ability to quickly provision encryption services for customers and then offer the service on a pay-as-you-go basis, thanks to both a flexible billing package and a built-in usage metering API.
  • Integration with existing service offerings with programmatic API support.
  • Pre-launch authentication and granular access controls to deliver complete control and proof of ownership for both the encrypted data and associated keys by both the customer and their service provider.
  • ProtectV combines with SafeNet's virtual or hardware key management solutions to deliver FIPS 140-2-level security.
  • For enterprises, the solution allows them to use IaaS offerings with full data lifecycle accountability, audit trails, and detailed compliance reporting.

By highlighting the fact that losing ownership does not mean losing control, the last point is important since it is a way to help organizations that have been sitting on the fence regarding the use of cloud services.

As David Etue, vice president, corporate development strategy, SafeNet commented on the availability of the new offer:  "ProtectV for Cloud Service Providers will help cloud infrastructure vendors drive adoption of their services by assuring customers that their critical data will remain under their control, even in shared environments…Organizations that were once wary of moving sensitive workloads to the cloud, particularly in highly regulated industries, can now do so more confidently. That makes this a win both for the customers and for service providers."

As we all are well aware from reading the headlines, this has been a very good year for some very bad people and the common thread of advice from the security professionals both vendors and IT security pros is that the more encryption the better.  Put another way, it is better to be safer than sorrier, and there is no substitute for end-to-end encryption protection so that only authorized individuals and business processes have access to critical data regardless of where it may reside or be on the move. 

With “E”verything else becoming a service, it also makes sense that for a variety of reasons encryption is now an EaaS option.  As Etue noted in his comments this is a win/win.