Inside Advanced Scale Challenges|Thursday, September 21, 2017

Bracket Puts Security Controls in Enterprise Hands 

To further promote corporate adoption of public cloud, Bracket Computing this week added to its software-based Bracket Computing cells architecture a security suite whose controls never leave enterprise customers' hands.

Public cloud adoption is expected to soar, reaching $191 billion in 2020 from $58 billion in 2013, according to Forrester. In many cases business departments continue to propel these deployments, often leaving IT to ensure implementations are secure and meet the enterprise's risk and governance policies, the research report said. But more IT departments are proactively wresting back control by providing lines of business with the cloud-based tools they need, using protocols, tools, and procedures that adhere to technologists' best practices.

"The growth in use, maturity, and financial viability of public cloud platforms are proving their longstanding value as legitimate deployment options for enterprise applications. While not a one-for-one replacement for on-premise, hosting, or colocation, cloud platforms fit well as ideal deployment options for elastic and transient workloads built in modern application architectures," wrote James Staten, vice president and principal analyst at Forrester, in a blog. "It will increasingly be difficult to justify not leveraging cloud services."

Yet enterprises worry about public cloud security. When it comes to selecting a cloud solution, 82 percent of those surveyed picked security as the most important capability or attribute; data privacy came in second at 81 percent, while cost placed third at 78 percent, a 2014 PwC report determined. In other words, enterprises will pay at least some premium if they feel assured their data, networks, and systems are secure.

"If you have your own datacenter and are running it, it's a zone of trust," said Ambika Gadre, vice president product and marketing at Bracket, in an interview. "When I go to hyperscale cloud, how do I create trust in what is inherently an untrusted environment? How do I get that level of trust I'm used to in an environment that's untrusted from the get-go? The issue with trust is you don’t control the hypervisor as an enterprise."

Bracket hopes its newly released Bracket Security Fabric suite provides enterprises with this level of trust through its integrated encryption and authentication that's under a corporation's control. The software encrypts entire workloads and is supported by automated key management and pre-boot authentication designed to ensure confidentiality, integrity, and data-authenticity within Bracket's Computing Cells. Because security is integrated into the infrastructure, there's no performance degradation, said Gadre. The solution generates a key that's automatically sent to the customer and automatically renewed every 90 days, and which never leaves their datacenter, giving the enterprise control over everything, she said. Encryption and data are based in key appliances, directory services, and certificate authorities that are not viewable by cloud service providers or other cloud tenants, Bracket said.

"It not only works across one cloud. It's more like a security fabric. It's your encryption keys. It works the same way whether it's on Google, Amazon, Microsoft, or the next service provider," said Gadre. "We want encryption to become the new boundary. Today in the datacenter there's a fight between IT and security. We've taken that issue off the table. All processes run in the background, transparent. When they revoke a key, they wipe a key because they're done with a particular workload, it disappears. It's ones and zeroes forever."

Bracket Security Fabric includes an always-on cryptographic engine that is consistent across multiple clouds, while the Computing Cell encrypts entire workloads – including all virtual machines, containers, server-based storage, and attached storage – so enterprises can store confidential data on the public cloud and control these assets, the developer said. Because it's encrypted and connected via a multi-cloud encrypted network gateway, data traveling on untrusted or shared networks is protected, according to Bracket.

"In a world where workloads are distributed across multiple environments, encryption provides a new boundary that secures data wherever it is," said Dan Boneh, Professor of Computer Science and Co-Director of the Computer Security Lab at Stanford University, in a statement.

 

About the author: Alison Diana

Managing editor of Enterprise Technology. I've been covering tech and business for many years, for publications such as InformationWeek, Baseline Magazine, and Florida Today. A native Brit and longtime Yankees fan, I live with my husband, daughter, and two cats on the Space Coast in Florida.

3 Responses to Bracket Puts Security Controls in Enterprise Hands

  1. Ulf Mattsson

    I like that “The Computing Cell is the only infrastructure service that encrypts entire workloads—all virtual machine or container instances and attached storage, including root volumes, data volumes and server-based instance storage—to enable enterprises to process and store sensitive data on the public cloud.” But if the data is very sensitive you may not even want the encryption keys to be sent to the cloud when they are used for encryption and decryption of the storage volumes.

    A recent report from Gartner had some good news and concluded that “Cloud Data Protection Gateways” provide a “High Benefit Rating” and “offer a way to secure sensitive enterprise data and files stored in cloud applications”. Cloud Encryption Gateways encrypt data before sending it into the cloud. This approach can be very effective in addressing attacks against cloud data and compliance with regulations.

    Ulf Mattsson, CTO Protegrity

     
  2. Ulf Mattsson

    I like that “The Computing Cell is the only infrastructure service that encrypts entire workloads—all virtual machine or container instances and attached storage, including root volumes, data volumes and server-based instance storage—to enable enterprises to process and store sensitive data on the public cloud.” If the data is very sensitive you may not even want the encryption keys to be sent to the cloud when they are used for encryption and decryption of the storage volumes.

    Ulf Mattsson, CTO Protegrity

     
  3. geo news

    Very great post. I just stumbled upon your weblog and wanted to say that I have really loved surfing around your weblog posts.
    In any case I will be subscribing to your RSS feed and I’m hoping you write once more soon!

     
