Obviously, behemoth companies have an advantage during market upheaval. They have deep pockets to reinvent themselves and stay competitive. Five years ago, who would have thought Google would be a major smartphone OS player?
But big companies also can be held back by bureaucracy, inertia and group thinking that favors the status quo. Each shift creates the daylight needed for newer companies to gain momentum. VMware, Rackspace and salesforce.com have already become major players, every bit as well positioned to be incumbents when the cloud matures as other more established companies.
However, the cloud has some obstacles to overcome before its anywhere close to being considered mature. According to Gartners 2010 CIO Survey, security technology was the number-one priority of respondents. In the context of the cloud, security is an even bigger concern.
Of course, where there is pain in the market there is opportunity. Here are 7 Cloud Security emerging vendors attempting to make the cloud every bit as secure or more so than on-premise computing.
This article is the first in a series. We will look at 7 more cloud security companies in our next entry, with storage, platforms, monitoring and management and more to follow. Here, then, are our first 7 Cloud Up-and-Comers:
The fear of a breach either through an attack on the cloud provider, or through a malicious insider is one of the top barriers to full-scale cloud adoption. Having keys stored in the environment under attack isnt wise.
What they do: CREDANT enables encrypted data to be migrated into cloud infrastructures while data owners maintain control of the encryption key. This relocates the encryption data to the clients local sites so that keys arent stored at the cloud providers data center. Key management is extended to virtual platforms, which encrypts files instead of devices. CREDANT provisions keys to decrypt data as it is needed by individual users in real time.
Why theyre an up-and-comer? CREDANT focuses on encrypting data, not devices. This approach means that CREDANT solutions are transparent to end-users and have minimal impact on operations. The solution eschews traditional sector-based, full-disk encryption in favor of a more flexible and scalable data encryption solution. Their targeted encryption policies require far less space and resources for securely moving data to the cloud. CREDANT has already built out the infrastructure to handle a massive numbers of encryption keys. To date, Credent has over 800 enterprise customers worldwide, with between 7 to 9 million endpoints encrypted.
IP theft, data loss and non-compliance can all result from mishandled data. One method that has been proposed but never caught on was data signatures. Unfortunately, signing through PKI or similar technologies is out of reach for most organizations because of the expense and complexity of key management.
What they do: What VeriSign has done for website trust; GuardTime seeks to do for cloud-based trust.. GuardTime has created a keyless signature technology that secures critical data in the cloud and maintains extensive mathematical proof that data integrity is intact. GuardTimes Keyless Signature is a system of software-generated, automated verification based on mathematics, which frees IT from the burdens of key management.
Why theyre an up-and-comer? Regulatory requirements centered on privacy and data integrity are issues for nearly every industry now, and verifiably clean data goes a long way towards ensuring compliance. This is a big horizontal market, and GuardTime is already cashing in with such customers as Brother Industries, which manufactures multi-function printers using GuardTime integration. GuardTime has partnered with Joyent to deliver the first cloud stack with keyless signature integration.
GuardTime also earned some cyber-security street cred through adventures in Estonia. CEO Mike Gault gained in-the-trenches, cutting-edge cyber-security knowledge while living in Estonia when Russia launched one of the first cyber-warfare attacks. Calling it that is probably a bit sensationalist; nonetheless, in a country where 97% of banking transactions are done online, theres plenty to learn about next-generation security.
One of the ways around the issues of security and control that make some businesses wary of cloud computing is to build a private cloud -- one that remains within the corporate firewall and is wholly controlled internally. Private clouds also increase the agility of IT an organization's IT infrastructure and make it easier to roll out new technology projects. Download this eBook to get the facts behind the private cloud and learn how your organization can get started.