Gartner Report Highlights Enterprise Need for Security Solutions to Assist with Data Access, Compliance & Security in the Cloud

  Gartner Report Highlights Enterprise Need for Security Solutions to Assist
  with Data Access, Compliance & Security in the Cloud

           PerspecSys Solution Addresses These Growing Requirements

Business Wire

MCLEAN, Va. -- August 23, 2013

Today’s CIOs and CISOs are facing continued pressure to adopt the cloud
enterprise-wide while managing the increasing operational and security risks
associated with it. While the challenge can be daunting, a new report from
research company Gartner Inc. highlights the role that encryption and
tokenization technologies can play in helping enterprises adopt cloud
services, even those in highly regulated industries or in regions with strict
data sovereignty requirements. The report, “Simplify Operations and Compliance
in the Cloud by Encrypting Sensitive Data (1),” recommends that CIOs and
CISOs, “simplify audits such as the Payment Card Industry Data Security
Standard (PCI DSS) when using cloud services by implementing access controls
and encryption or tokenization of sensitive data.”

Gartner highlights sector-based data compliance requirements, such as PCI DSS,
as drivers for organizations to consider adopting encryption and tokenization
technologies. Another catalyst is referred to as data residency requirements,
where “the protection is required to prevent access by government authorities
and agencies while data resides in or is passing through other jurisdictions.”
Regarding this issue, the report goes on to say that “an alternative is to
avoid storing the data in those jurisdictions, such as the U.S. and U.K.,
which use legal access or interception of data through laws such as the USA
Patriot Act and the U.K. Regulation of Investigatory Powers Act.”

But the report cautions enterprises to clearly think through the implications
of deploying these technologies in their environments. Gartner’s research
helps enterprises understand these risks and highlights the following:

  *Protect sensitive fields/columns while using cloud SaaS applications
  *Do not store keys or use keys in other jurisdictions, or use a third
    party; otherwise the encrypted data could be accessed if the keys are
  *It is important to review the claims of vendors carefully due to the novel
    and unique implementations of encryption solutions. … Enterprises should
    always check the claims of vendors that their solutions are based on
    proven security models
  *When keys or tokens are managed on-premise, always check the impact on the
    access and availability of the cloud service provider (CSP) and the
    performance of appliances
  *A growing best practice is emerging where enterprises encrypt data stored
    in the cloud and manage the keys locally.

The report references another document published by Gartner earlier in the
year titled, “Tackle Six Security Issues Before Encrypting Data in the
Cloud(2),” that specified, “Encrypting data may impact the processing ability
of a cloud-based service. For example, SaaS-based applications with
field-level encryption can break indexing, searching and sorting, and will
also break numeric calculations performed in the cloud.” That report goes on
to say that “if the encryption vendor offers options for ‘function preserving
encryption’ – for example, to preserve sort – regulations may require the use
of standardized and approved algorithms or proof of independent certification
for the potentially weakened encryption.”

PerspecSys views itself as unique in the security category that Gartner calls
“Cloud Encryption Gateways” because it is the only provider in this category
that enables organizations to use proven, validated encryption modules from
companies such as Voltage Security, SafeNet, Symantec, McAfee and RSA as the
gateway’s encryption technique. While leveraging these encryption modules, the
PerspecSys Cloud Data Protection Gateway simultaneously protects cloud data
and preserves critical end-user functionality of cloud applications, such as
sophisticated searching and reporting.

PerspecSys’ Pluggable Encryption Architecture enables enterprises to extend
existing investments in trusted encryption modules – enabling them to protect
data throughout its entire lifecycle across multiple systems (on-premise and
in the cloud) with a consistent, trusted encryption system. Additionally,
PerspecSys is the only cloud encryption vendor that has had an independent PCI
DSS QSA auditor validate that its tokenization solution adheres to the
security guidelines defined by the PCI DSS Security Standards Council (summary
report available on

“This Gartner report is timely because of the increased concern about data
ownership and privacy in the cloud fueled by ongoing reports of data
surveillance and the implications these revelations will likely have on future
regulations and compliance mandates,” said David Canellos, CEO of PerspecSys.
“The security strength of the underlying data protection techniques that an
enterprise uses is critical. This is why PerspecSys has refused to use any of
the weakened security approaches that the report urges CIOs and CISOs to fully
understand. I’m astonished to see some competitors tell enterprises they need
to use modes of encryption modules that have not been opened up to public
scrutiny and do not have well-vetted security proofs when they want to
preserve cloud application functionality. This is a totally unacceptable
position that opens these organizations to security risks as well as
compliance and audit challenges. We do not force this tradeoff on our
customers, which is why we are seeing our approach win in the marketplace.”

About PerspecSys Cloud Data Protection Gateway

Resulting from years of original research and development, the award winning
PerspecSys Cloud Data Protection Gateway works by intercepting sensitive data
or files while they are still on-premise, replacing them with a random
tokenized or encrypted value, rendering it meaningless should anyone outside
of the company access the information while it is being processed or stored in
the cloud. In addition, the PerspecSys solution offers the differentiated
ability to preserve cloud application functionality – even when the data is
tokenized or strongly encrypted – using encryption such as National Institute
of Standards and Technology (NIST) listed FIPS 140-2 compliant modules from
leading industry cryptographic providers. With PerspecSys, enterprises
maintain ownership of encryption keys and end users have access to features
and functions such as ability to sort and search data (including advanced
search), send e-mails, and generate reports – even on sensitive data that has
been tokenized or strongly encrypted.

(1) Simplify Operations and Compliance in the Cloud by Encrypting Sensitive
Data, 2013; Analyst(s): Brian Lowans, Published 15 August 2013, Research
Report G00255099

(2) Tackle Six Security Issues Before Encrypting Data in the Cloud;
Analyst(s): Brian Lowans, Neil MacDonald, Published: 9 March 2013, Research
Report G00248246

About PerspecSys

PerspecSys Inc. is a leading provider of cloud data protection solutions that
enable mission-critical cloud applications to be adopted in enterprises and
government agencies. PerspecSys removes the technical, legal and financial
risks of placing sensitive company data in the cloud. PerspecSys accomplishes
this for many large, heavily regulated organizations across the world by never
allowing sensitive data to leave a customer’s network, while maintaining the
functionality of cloud applications. Based in McLean, VA and Toronto, with
offices in San Francisco and London, PerspecSys Inc. is a privately held
company backed by investors that include Intel Capital, Paladin Capital Group,
Ascent Venture Partners and GrowthWorks. For more information please visit
www.perspecsys.comor follow on Twitter @perspecsys.


Racepoint Group
Mike Nourie, +1-617-624-3222