One of the most commonly cited challenges about moving to the cloud is about security.
How do you secure content in a multi-tenant cloud environment that you don’t directly control?
That’s the challenge that new startup AlephCloud is aiming to solve. AlephCloud is still a company in stealth mode, but it is already attracting interest. This week the company announced a $7.5 million Series B round of financing, bringing the company’s total financing to $9.5 million.
AlephCloud CEO Jieming Zhu was formerly the Chief Technologist in the Office of the CTO at HP’s StorageWorks Division and had previous stints with Brocade and Xsigo Systems.
In Zhu’s opinion, structured business processes and workflow that work on-premise can encounter issues when moving to the cloud.
“You cannot see the data when it goes to the cloud and you cannot control the data when it is in the cloud,” Zhu told Datamation. “You don’t know who else can access the data, so you as the fiduciary custodian of the data are responsible for the data, yet it is controlled by someone else.”
That’s the problem that AlephCloud is aiming to solve. Namely, giving enterprises control of cloud data in a manner that can satisfy security risks and concerns.
“Our idea is to make it a trustworthy cloud, so that cryptography can work with zero knowledge,” Zhu said. “So data in the cloud is absolutely secure, so much so that no one can access the data or the encryption key and you also have data providence and total chain of custody over the data.”
Zhu noted that part of the AlephCloud solution will leverage open source components, though the bulk of the product will be home grown. He stressed that AlephCloud will be taking a different approach than others have taken to date for the problem of cloud data security.
Today there are two primary models for deploying content security in the cloud. One of them is the Exclusive model, where all data that moves to the cloud is encrypted and is only decrypted when it comes back into the enterprise’s own data center.
“That’s a great way of protecting your own data, but how are you going to collaborate with your customers and your clients? ” Zhu said.
The other model is what Zhu refers to as the ‘Trust Me’ model. In that approach, the cloud holds all the data and the enterprise needs to trust that the cloud provider handles security appropriately.
“Neither model is really adequate, so we are taking a different approach to ensure zero knowledge for data privacy as well as data providence,” Zhu said.”
Sean Michael Kerner is a senior editor at Datamation and InternetNews.com. Follow him on Twitter @TechJournalist.