The announcements over the past week of two security solutions from CipherCloud and Vormetric are the latest releases that aim to convince enterprises that their data will be safe in the cloud, both public and private.
However, while this is a relatively new business sphere, a number of other releases in the space over the past year have underlined the fact that, on one hand, businesses will move to the cloud if they are happy about security, and that on the other, where security is unsatisfactory, vendors will move in to plug any gaps.
CipherCloud and Cloud Security
If you haven’t heard of CipherCloud before, it’s probably not surprising; the company was only founded last year.
While most companies providing cloud security solutions at the moment have added cloud data security software as the need has arisen, CipherCloud focuses exclusively on information security, compliance and governance, as well as dealing with business concerns impeding cloud adoption, particularly data protection, monitoring and regulatory compliance.
This week, it released its first cloud data security and compliance solution for cloud and SaaS applications.
The company claims it has no impact on application performance, requires no cloud application changes and is just about unnoticeable to end users.
If offers control and visibility of enterprise data in the cloud and enables the adoption of cloud application enterprises require. CipherCloud's announcement specifically mentioned Google Apps and Salesforce.com as examples of the applications that it can protect -- hinting at where CipherCloud would like to go with it.
CipherCloud offers a unique way of . . .providing security where the data originates, before it ever leaves the enterprise . . .This approach allows users to deal with multiple data security issues in one stroke,” ," said Pravin Kothari, CipherCloud founder and CEO.
Vormetric and Amazon
But if CipherCloud was hoping to take all the cloud security attention this week, Vormetric -- founded in 2001 -- released Vormetric Data Security for Amazon Web Services (AWS). This allows enterprises to use the Amazon public cloud while maintaining governance and providing security for sensitive data.
This solution extends Vormetric’s combination of encryption, access control and audit to data in the Amazon Infrastructure-as-a-Service (IaaS) products.
With this, enterprises can meet compliance and data governance requirements with one offering that applies persistent security policies to data in physical, virtual and cloud environments.
EMC, CA and Cloud Security
However, while many enterprises are only starting to consider the implications of moving data to the cloud, bigger vendors have already been making moves in the security space to get a run on what has to be one of the faster-growing areas of cloud computing.
Last year, EMC made an important first step to address cloud security concerns with the unveiling of its RSA Solution for Cloud Security and Compliance at the VMworld 2010 conference.
The RSA solution uses a dashboard-based platform that centrally manages security across both VMware virtual infrastructures and physical infrastructures. EMC says this is just the first of the products to come from EMC, supporting their vision for the security and compliance of cloud infrastructures.
Also last year CA joined the fray with the US$ 200 million for Arcot, an identity authentication and fraud prevention vendor. This would be minor if it didn’t take the software giant one step closer to its stated goal of becoming the cloud security player on the market.
And if you look at CA’s activities over the past 12 months, all its moving and shaking has been with this in mind, whether it was the decision to divest itself of its governance software portfolio to Autonomy last June, or its decision to buy cloud monitoring vendor Nimsoft for US$ 350 million in March 2010.
Other vendors are lining up too. According to Forrester research cited by Vormetric, for organizations to move computing resources and applications to the cloud, the value must exceed the risk.
The risks of cloud migration are largely security risks and half of the organizations that are not adopting cloud computing cite security as the reason. However, this time next year, it is unlikely that we will find a similar figure.