Q&A with Gilad Parann-Nissany of Porticor - Page 3

Gilad Parann-Nissany (Profile)
Monday, April 9th 2012

VSM: OK, so can you briefly describe to me what split-key encryption and what homomorphic encryption are, and why they are important in a virtual environment?

GPN: A good analogy for the split-key encryption technology would be that of a safety deposit box with two keys. One key belongs to the customer, the second key belongs to the banker, and only the combination of both keys will open the safe. Porticor uniquely adopted this approach for the world of data encryption in virtualized environments. For each project, Porticor generates a unique master key which is known only to the customer. At the same time, Porticor generates multiple keys per project to encrypt the customer data. But only the combination of the master key and the Porticor-generated keys will decrypt the data.  This allows Porticor to create an encrypted environment without knowing the customer’s encryption key – an industry first. Homomorphic split-key encryption allows Porticor to perform encryption and decryption actions without ever storing the master key in its unencrypted format.

VSM: What are some of the benefits an organization should expect to experience with the Porticor solution?

GPN: Basically, you are outsourcing the complexity of the security solution, but you are keeping the control and trust for yourself. Using our technology, Porticor enables virtual and cloud users to create a secured encrypted environment within minutes while completely eliminating the need to trust the security vendor or cloud provider with their encryption keys, therefore solving the biggest challenge for data encryption in the cloud – storing the keys. This best ensures the privacy of data stored in the cloud and virtual environments.

VSM: Who is your target market?

GPN: Any organization which has its data in virtual or cloud environments, or is planning to move to virtual or cloud environments, is a good target for Porticor.

VSM: But why would enterprises be willing to outsource their security requirements?

GPN: With Porticor, enterprises actually maintain their security controls, and do not outsource them. What they do outsource is the complexity usually required for secure solution deployment. In addition to the quick and seamless deployment process, enterprises can also integrate Porticor into their workflow using the Porticor API, allowing them to automate and scale their security solution together with the rest of the environment.