In a fast-paced, global economy, companies must respond to opportunities rapidly or risk being left behind. Information - and the technology to support its creation and dissemination - is critical to this response-time. Through the ages of the mainframe, mini-computer, open-systems and personal computers, the information technology (IT) industry has made great strides in reducing the cost and time-to-delivery of new systems to business users. The "Cloud" has the protential to increase that speed to a new level.
Simultaneously, the IT sector is becoming subject to regulatory scrutiny as never before. We believe, that like the financial sector, the IT sector will become highly regulated because attackers have shown that they can usurp billions of dollars from legitimate businesses through the theft of information. As a consequence, private and government entities have started mandating the protection of sensitive information. While the promise of the cloud appears tantalizing, securing information in the cloud is a significant challenge. You do not know where your data lives; you do not know who else is on the same machine or storage-farm as your company; you do not know which individuals have access to the administrative interfaces of the cloud and from which geographies of the world. Proving compliance to regulatory requirements in the cloud makes the same task seem like a walk in the park when it involves your own data-center and resources.
StrongAuth, Inc., the company behind many innovations in the encryption and key-management space, has created the StrongKey CryptoEngineTM (SKCE) to balance the need to take advantage of cloud-technology, while ensuring that you are in compliance with data-security regulations for protecting sensitive data.
The SKCE allows you to automatically encrypt files and objects of any type and size, and move them to public clouds such as AWS and Azure, or private clouds built on Eucalyptus. The encryption keys that are critical to protecting data are stored on the StrongAuth KeyApplianceTM under strong cryptographic controls. The SKCE can also download the encrypted file from the cloud, retrieve the required key from the KeyAppliance, decrypt the file/object and store it locally on your computer. This pass-through "cryptographic engine" sits on your network as a "black-box" and can be integrated into your applications as a network service using industry-standard protocols. Once integrated, the mechanics of encryption, decryption, key-management, storage and retrieval from a cloud, becomes invisible to developers and users.
Companies can take advantage of cloud services, anywhere in the world to respond to market events and opportunities. They can store sensitive data in the cloud with the knowledge that they can comply with data-security regulations. The best part? The SKCE is free and open-source software (FOSS). You can use it on as many machines as you want (including VMs), anywhere you want, with as many users as you want - without paying a single dime for its use. Support with a Service Level Agreement (SLA) will cost you an annual fee; free support is available on public forums, but without an SLA. Have your technologists and architects check it out - we are confident they will be more than pleasantly surprised.
StrongAuth, Inc. is the creator of the first open-source Symmetric Key Management System (StrongKey) and the first integrated appliance to include encryption, tokenization, key-management with a cryptographic hardware at the lowest price in the industry - the StrongAuth KeyApplianceTM. We've also established Public Key Infrastructures (PKI) for some of the largest and smallest customers in the world. Our decade of experience in enterprise key management, plus our commitment to open-source and intelligently designed solutions, makes us one of the "hidden treasures" of security.