- Company (that provides the nominated product / solution / service): CipherCloud
- Website: http://www.ciphercloud.com
- Company size (employees): 200
- Product Version Number: 5.0
- Type of solution: Hybrid
- Year this product or service was first introduced to the market: 2012
- Year the current version of this product or service has been released: 2016
- Approximate number of users worldwide: 2.5 Million
In 3 bullets, summarize why this product or service deserves recognition:
o CipherCloud Active Encryption is the mostly widely deployed solution for protecting sensitive or regulated data in business cloud apps.
o The solution separates encryption from data storage. Sensitive fields and files are protected persistently in the cloud and keys are never shared outside the enterprise.
o CipherCloud solutions are transparent to end-users, thereby preserving important cloud functionality including searching, sorting, reporting and third-party integrations.
In less than 300 words, summarize the most important features and benefits of this product or service
CipherCloud Active Encryption is uniquely suited to enable cloud adoption while providing the highest levels of security. While encryption is used in many contexts, it is only effective if properly deployed, following security best practices. CipherCloud delivers true multi-cloud security policies across multiple clouds and applications.
Many cloud providers encrypt only data at rest; however, encrypting data at rest does not protect against top threats published by the Cloud Security Alliance (CSA), such as credential theft, account hijacking, insecure APIs, privileged users, or forced government disclosure.
To solve these problems, enterprises need data protection that is persistent. With CipherCloud Active Encryption, enterprises decide what to encrypt with granular policy controls, while never relinquishing or sharing the keys. The functionality of encrypted data for searching, sorting, reporting, third-party tools, and controlling data encrypted on mobile devices is preserved.
When cloud providers offer encryption, this only applies to data at rest. This leaves significant exposure as the application, admins, APIs, external processes, and more can always access the clear-text on-demand. By comparison, CipherCloud Active Encryption is persistent and complete, covering data in transit, data in use, and data at rest, as well as data sitting on mobile devices.
In addition, CipherCloud Active Encryption provides a separation of duties. If the cloud provider encrypts and stores data, it can and will access it – intentionally, automatically, by accident, through external tools, or even through court orders.
Finally, our tokenization options meets the most stringent data residency requirements, substituting random values in the cloud, while retaining sensitive data fields in an on-premises database. No cloud provider security solution supports tokenization like CipherCloud. The solution has been deployed by hundreds of regulated organizations in financial, healthcare, government and hitech to meet requirements including GLBA, PCI, HIPAA, and global data privacy laws.