CipherCloud Achieves Gartner's Recommendations to Avoid Data Residency Risks in the Cloud by Encrypting Data and Giving Data

CipherCloud Achieves Gartner's Recommendations to Avoid Data Residency Risks
in the Cloud by Encrypting Data and Giving Data Owners Encryption Keys

SAN JOSE, Calif., Jan. 30, 2013 (GLOBE NEWSWIRE) -- "Chief information
security officers and chief security officers must resolve an array of complex
security and regulatory data residency issues when enterprises plan to store
data in the cloud or remote data centers," according to a new report published
by research company Gartner Inc. The research note, "Five Cloud Data Residency
Issues That Must Not Be Ignored," (1) recommends enterprises take steps to
assure the privacy of sensitive information, achieve regulatory compliance and
understand the implications of data disclosure laws.

According to the authoring analysts, "even if the data is encrypted and the
keys are managed in a separate jurisdiction, enterprises should be aware that
requests for legal assistance, based on bilateral agreements, may be executed
between those countries. However, in a well-architected system, the cloud
services provider does not have direct access to the keys. In this way, if a
legal request is made for access to the data, the enterprise must be

Many countries have passed national laws granting authorities access to
enterprise cloud data that may conflict with the legal protection rights of
data in the originating jurisdiction, leaving companies wondering how secure
their data is and how compliant they are with regulations. Gartner's research
helps enterprises understand these risks and recommends they:

 -- Consider deploying encryption solutions if there are data residency
concerns for data crossing borders

 -- Ensure that privileged users in cloud services providers are not
granted access

 -- Manage the keys locally to comply with local privacy requirements

 -- Ensure that the selected vendor encryption products can provide the
level of security, and operate in the different storage environments and
locations as required

 -- Use a documented key revocation and destruction process

We believe CipherCloud meets and exceeds these recommendations and the Gartner
report cites a CipherCloud customer as an example of how companies are
addressing the issues of data residency.

"We believe Gartner's analysts underscore the importance of cloud encryption
and self-ownership of the keys as essential to confronting data residency
risks no matter where the data is stored," said Pravin Kothari, CEO of
CipherCloud. "CipherCloud's information protection platform ensures no
one--whether it's law enforcement, cloud provider system admins, or
cybercriminals--can access sensitive information under any circumstances
without contacting the data owner first."

The CipherCloud technology incorporates a number of military-grade, AES
256-based format and operations-preserving encryption schemes to protect cloud
information. Encryption keys are owned by the enterprise, ensuring that
organizations retain control over data in-transit, in-use, and at-rest in the

CipherCloud also uses content-aware encryption, which speeds deployment and
continues to break down privacy, residency, compliance and security barriers
to adopting cloud applications. However, unlike previous approaches, with
CipherCloud's breakthrough encryption technology users enjoy native
functionality like search and sort with near zero-latency. This means that
there is no change to the user experience, even when using dynamic encryption
to enforce data loss prevention rules.

(1) Gartner, Inc., "Five Cloud Data Residency Issues That Must Not Be
Ignored," December 26, 2012, Research report G00246143, Brian Lowans, Neil
MacDonald and Carsten Casper

About CipherCloud

CipherCloud, the leader in cloud information protection, provides cloud
encryption and tokenization gateways to enable organizations to securely adopt
cloud applications by eliminating concerns about data privacy, residency,
security, and regulatory compliance. CipherCloud's groundbreakinggateway
encrypts sensitive information in real time, before it's sent to the cloud,
using operations-preserving encryption and tokenization technology without
impacting usability or the application in any way.

The CipherCloud product portfolio supports popular cloud applications
out-of-the-box such as Salesforce,, Chatter, Google Gmail, Microsoft
Office 365, and Amazon AWS. Additionally, CipherCloud Connect AnyApp and
Database Gateway enable organizations to extend data protection to hundreds of
third-party cloud and private cloud applications and databases.

CipherCloud is backed by premier venture capital firms including Andreessen
Horowitz, Index Ventures, and T-Venture, the venture capital arm of Deutsche
Telekom. For more information, visit and follow us on
Twitter @ciphercloud.

CONTACT: Deb Montner
         Montner & Associates, Tech PR
         dmontner AT

Press spacebar to pause and continue. Press esc to stop.