Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

File Security Gets All Cryptic

Vendors target file-level encryption and key management in an attempt to lock down users' data

Storage security vendors looked to boost encryption today as both Decru and PGP are unveiling new technologies designed to tackle file-level security.

This morning PGP takes the wraps off its new NetShare software, which extends the firm's 128-bit encryption from instant messaging and email to file servers. "Virtually every big customer that we speak to is asking for this," explains Andrew Krcik, the vendor's vice president of marketing. "You have thousands and thousands of people accessing tens of thousands of files on file servers."

The software, which sits on top of client devices, such as laptops and desktops, can work with all types of local and network storage devices, including Windows servers, NAS devices, and SAN boxes, according to PGP.

NetShare, priced at $149 per user, will be available in the fourth quarter of this year. PGP execs, however, tell Dark Reading that the vendor has volume discounts that apply to "most enterprises."

Decru is also making a move into the file security space this morning, revealing a partnership with content management specialist FileNet. The two firms have embarked on a reference selling initiative centered on FileNet's P8 software and Decru's DataFort encryption device.

By linking FileNet's software and DataFort hardware, Kevin Brown, Decru's vice president of marketing, says his firm can tighten its file encryption story. "FileNet lets us encrypt per [individual] file," he says, as opposed to previously, when Decru would target, for example, entire Windows drives. "With FileNet, we can drill down into each of the specific drives."

The list price for Decru's DataFort devices starts at $15,000, although FileNet would not reveal its P8 list price.

The major difference between Decru and PGP is that the latter takes a largely software-based approach to encryption, whereas Decru opts for a hardware-based strategy, centered on the DataFort devices. Both approaches have their pluses and minuses. "Hardware encryption can be faster, more powerful, and more secure, but it can be more costly," says Dan Tanner, a member of the Storage Networking User Group of New England (SNUGNE) and founder of consulting firm ProgresSmart.

For some users, however, those plus-points are critical. Directory services provider Qsent, for example, shifted from software-based encryption to hardware from NeoScale. (See Records Firm Not Risking Tape.)

Tanner acknowledges that file-level encryption is important, although he warns that users need not go crazy with the technology. "There's only certain types of files that ought to be encrypted in transit, others should be encrypted at rest." Encryption, he adds, can impair application performance, the ability to compress files, and the overall cost of doing business.

These sentiments were echoed by Robert Amatruda, research manager at IDC. "At the end of the day, not all data is created equally," he says, adding that encryption is most appropriate for highly critical data, such as financial filings and personnel data.

Jon Oltsik, senior analyst at the Enterprise Strategy Group, says that it is hard to pick a clear front-runner in the storage encryption space, with PGP and Decru vying with the likes of NeoScale. "Right now, it's anyone's game," he says. "It's too early to tell who has the advantage at this time."

Certainly, the encryption market is still maturing, as demonstrated last week by the demise of publicly traded vendor Kasten Chase, which ceased operations after months of financial difficulty. (See End of the Road for Kasten Chase, Kasten Chase Goes Under, and Kasten Chase Reports Financials.)

Decru also unveils its new 2U Lifetime Key Management appliance today, which the vendor says can support over 100 DataFort devices and manage more than 100 million keys. IDC's Amatruda says this type of technology is critical to users. "The real crux of the issue around encryption is key management and being able to manage the keys over a long period of time," he says.

Encryption specialists, however, are not the only security vendors unveiling new technology today. Startup Imperva, for example, is taking the wraps off its one-rack-unit-high SecureSphere Database Monitoring Gateway, which examines network traffic accessing database servers.

Unlike the startup's existing Database Security Gateway, which also contains IPS features, the monitoring gateway is aimed squarely at the auditing market. The new device, priced at $35,000, is also $10,000 cheaper than the security gateway. It will be available on June 19.

Another security vendor, iPolicy Networks, also fills out its product line today, with the launch of its 6410 device, containing URL filtering, content protection, and anti-virus and IDS technology. The 2U-high 6410 is priced at $60,000 and available immediately.

— James Rogers, Senior Editor, Byte and Switch. Special to Dark Reading

Organizations mentioned in this article:

  • Decru Inc.
  • The Enterprise Strategy Group (ESG)
  • FileNet Corp. (Nasdaq: FILE)
  • IDC
  • Imperva Inc.
  • iPolicy Networks
  • Kasten Chase Applied Research Ltd.
  • NeoScale Systems Inc.
  • PGP Corp.

     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/6/2020
    Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
    Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
    Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
    Stephen Ward, VP, ThreatConnect,  7/1/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-15600
    PUBLISHED: 2020-07-07
    An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
    CVE-2020-15599
    PUBLISHED: 2020-07-07
    Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
    CVE-2020-8916
    PUBLISHED: 2020-07-07
    A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
    CVE-2020-12821
    PUBLISHED: 2020-07-07
    Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
    CVE-2020-15008
    PUBLISHED: 2020-07-07
    A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user su...