Vormetric, a provider of enterprise data security for physical, virtual and cloud environments, announced on May 28 the general availability of Vormetric Application Encryption, extending the Vormetric Data Security Platform with powerful capabilities for encrypting data within enterprise and Web applications.
With Vormetric Application Encryption, data-at-rest protection can easily be built directly into applications across traditional, virtual, cloud and Big Data environments. The solution enables organizations to meet regulatory compliance initiatives, such as PCI DSS 3.0 and HIPAA/HITECH, secure personally identifiable information and prevent unauthorized access to sensitive data.
Vormetric Application Encryption includes reference code, documented standards-based APIs, and the Vormetric Application Encryption Agent. These elements simplify integration of application-layer encryption into existing corporate applications, resulting in flexible, easily implemented and maintained, programmatic control over sensitive data written to databases or to specific fields in unstructured files.
“Until now, the resource drain and cost of maintaining multiple encryption solutions has been a real barrier for organizations that need to protect data-at-rest across multiple applications and environments,” said Alan Kessler CEO of Vormetric. “For these organizations, the addition of Vormetric Application Encryption to the Vormetric Data Security Platform is a game changer. With our single, flexible, centralized platform, organizations can now meet legal and industry governance requirements that mandate encryption of data without the expense and overhead inherent in multiple solutions.”
Top concerns organizations have when adding encryption to applications are performance and key management. Vormetric Application Encryption addresses this concern with high speed, hardware-based encryption using Intel AES-NI and Secure Key technologies.
Centralized, proven, key management is delivered by Vormetric’s common, single platform environment for simplicity, efficiency and low TCO. Solutions available on this common platform include Vormetric Transparent Encryption as well as extended key management solutions for Oracle and SQL Server TDE Master Keys and KMIP compatible devices.
“Vormetric Application Encryption adds granular field- and column-level encryption of specific data fields within web, Big Data or cloud environments, as opposed to encrypting an entire database, folder or volume. Combined with Vormetric Transparent Encryption, organizations have the ability to protect data both within applications, and at the file or database level,” explained Garrett Bekker, senior analyst with 451 Research. “The most common use case for this combined solution is to help customers address regulatory compliance or data residency needs without the expense of purchasing separate application encryption offerings, encryption gateways, key management or tokenization functionality. Customizing apps isn’t always easy or desirable, but in cases where field-level encryption is mandated for certain applications as a supplement to file-level encryption, the potential cost savings and efficiencies of a platform approach can ease the process.”