Written by:
Purandar Das As organizations shift more of their sensitive data to the cloud, they introduce more potential cracks in their data security program. SaaS applications and IaaS that reside in a public cloud introduce the following vulnerabilities:
- Cloud providers require customers to provide their own cybersecurity and do not enforce it, often leaving cloud applications vulnerable.
- Data in the cloud is accessible to database administrators of the cloud applications or infrastructure via direct access to the database.
- If data in the cloud is encrypted by the cloud or application provider, the provider still holds the encryption keys and can access the data in the database.
Many organizations are hesitant to move sensitive data to the cloud because of these security vulnerabilities.
Cloud Data Protection with Sotero Data Encryption
With the Sotero Data Security Platform, cloud data protection is completely controlled by you. Sotero provides data in motion encryption, to secure sensitive data while in transit to the cloud and, once there, the cloud services provider cannot view or access your data. With Sotero, your data is not accessible to the database administrators of the cloud applications, and you, not the cloud provider, hold the encryption keys.
All sensitive data is encrypted, including all data fields in all applications, adhering to the AES-256 standard. This includes heterogeneous applications, such as ODBC, RDBMS, and JDBC databases, and applications deployed on premise, in a private cloud, or in a public cloud.
You get true cloud data protection, enabling you to realize the benefits of moving data off premise and to the cloud.
An Example of How Organizations Benefit
Here’s an example of how one Sotero customer is realizing the cloud data protection they need to address a mission-critical use case.
The customer is a large health and pension benefits provider that started using a new cloud-based analytics platform from a third-party. The company needed to transfer its data to the system while the data was fresh for their analysis to be truly accurate.
The company’s leadership had strong concerns about moving their sensitive data to the cloud. Developing the necessary security features with internal resources was not an option. So they had to manually transfer the data to the analytics platform, which meant that they couldn’t analyze that data while the data was fresh.
The company turned to the Sotero Platform. The encryption starts as the data is being extracted from their systems, and the encryption stays in place throughout the usage cycle (data in use encryption and data in motion encryption as well as when data is at rest). This enabled the company to adopt the cloud-based analytics platform while, eliminating any risk of data or privacy loss. The company can now analyze data while it is fresh and has its most value, without having to rely on internal IT, for more accurate data analysis and also to move much faster as a business.
You can read more about this, and other case studies, here.