Posts

clouds

Protect Sensitive Data within the Cloud

It’s pretty clear by now that the next frontier for online businesses is to move to the cloud. However, the term ‘cloud’ is still a relatively new idea that can help businesses greatly improve their productivity, efficiency, and save on resource costs. However, this overly anticipated rush to the cloud isn’t without its limitation. One such drawback of the cloud is the possibility for increased web attacks and infrastructure vulnerabilities. Today, we will explore the various ways to help safeguard any confidential information or sensitive data that is stored in the cloud.

Current Cyber Security Landscape

In today’s computing environment, there are an abundance of network and cloud infrastructure providers. But, the question we need to ask ourselves is, “who is managing and tracking all of the inbound/outbound traffic?” In other words, organizations are eager to provide incredibly cost effective and efficient cloud infrastructure, but there hasn’t been much thought or planning surrounding the protection of this cloud infrastructure.

The market is slowly starting to see the effects of improper web protection, however. According to Gartner, by 2020, more than 60% of web applications will be protected by cloud service Web Application Firewalls. Just as fast as people are looking to upgrade to the cloud, there is a growing interest on how to protect these next generation infrastructure solutions. In essence, companies and online website owners are starting to become more proactive, but the job doesn’t end there.

How Do We Protect Ourselves?

The very nature of the internet is to be open, but this could ultimately leave one to be vulnerable to web attacks if not careful. This is the ultimate cloud fallacy. As much as we want to move towards sharing resources, infrastructure, or testing new innovative solutions, this can only be done to a certain degree. Until recently, most companies have been looking to fortify their internal networks and systems to prevent any attacks. The issue is that the internet was designed to freely share and communicate information with the open world. The best way to work around this predicament is not to block ourselves in by building higher walls, but to build smarter gateways. Two ways that we can achieve this is to utilize a perimeter based Web Application Firewall and Database Encryption technology.

diagram showing WAF protecting a website or sensitive data from hackers and bots

 Web Application Firewalls (WAF)

WAFs can help protect all inbound and outbound traffic that flows through the web/application layer (OSI Layer 7). These days, as more and more websites rely on dynamic web applications to power their sites, the vulnerabilities of these applications continue to persist. WAFs are perimeter based web security solutions, which means that they look to monitor all HTTP/HTTPS traffic to sift for any malicious or suspicious web behavior. Once detected, WAFs can automatically block any web hacking attempts that target a web application and ultimately intend to steal sensitive data on a web server/backend database. WAFs can be your first line defense to protect your online business from web attacks when you least expect it.

There are various benefits to implementing a WAF solution into your cloud web security profile, such as:

  • Cleaner & safer network – mitigate major hacking incidents
  • Peace of mind – always active security that works on the perimeter
  • Performance – security that doesn’t affect performance or incur latency issues
  • Compliance – satisfy PCI-DSS requirement 6.6

silver lockpad over data and series of 1s and 0s safeguarding sensitive data

 Database Encryption to protect sensitive data

Database encryption software transforms data stored in a backend database into “cipher text”, which can make the data incomprehensible without first being decrypted. In the event that a web hacker was able to bypass your first line of defense (in very rare instances or caused by rogue insiders), a high performance database encryption software could be your savior. DB encryption software not only prevents sensitive data leakage, but even if data is stolen, encrypted data will be deemed useless since web hackers will be unable to decrypt the information. As an added measure of security, database encryption companies, such asMyDiamo, can separately store database keys into third party key management servers to eliminate any possibility of a data breach.

Here is a short list of the benefits of using a database encryption software:

  • Protect Data Completely – encrypted data information is protected, even if it is stolen
  • Guarantee Data Integrity – easily detect whether data was manipulated/tampered
  • Compliance – satisfy legal & internal/external audit guidelines (HIPAA, SOX, PCI-DSS, etc.)

The key to protecting data stored in the cloud is to take a more perimeter based proactive approach. It’s best to secure your more sensitive data before cyber criminals ever reach your vulnerable web applications. This can be accomplished by utilizing a Web Application Firewall and Database Encryption software as an added security insurance. Get started on protecting your data in the cloud today!

 


This blog post was originally featured on cloudbric.com. Visit their blog for more insight, news, and accessible information on web threats and trends. If you would like to learn more about Cloudbric’s logic-based WAF service, please contact info@cloudbric.com.

Honored at 2016 Cyber Defense Magazine Awards

Penta Security’s WAPPLES and MyDiamo Win at the 4th annual awards

On February 29th, 2016, it was announced that Penta Security would be honored with two awards by Cyber Defense Magazine (CDM). CDM is one of the industry’s leading electronic information security magazines. It is also the official media partner of the RSA® Conference 2016. Penta Security’s WAPPLES was chosen as the Hot Company in Web Application Security for 2016. MyDiamo was awarded the Editor’s Choice in Data Leakage Prevention for 2016.

Cyber Defense Magazine

Cyber Defense Magazine, along with a panel of leading independent information security experts, performs thorough research and review of potential award nominees for various security categories. The panel is also recognized for multiple cyber security related certifications, such as Certified Information Systems Security Professional (CISSP), Founding Member of the Department of Homeland Security (FMDHS), and Certified Ethical Hacking (CEH).

WAPPLES

Penta Security was honored for their Web Application Firewall (WAF), WAPPLES, which is powered by a patented Logic Based Analysis Engine. This detection technology enables WAPPLES to intelligently detect and filter web attacks at a higher accuracy rate with lower false positives than other industry competitors. WAPPLES is currently the number one Web Application Firewall in the APAC region based on market share. Additionally, WAPPLES technology also powers other cloud based solutions from Penta Security. Some of these include WAPPLES V-Series, which can be customized for any virtual or cloud infrastructure, and Cloudbric, a cloud based WAF service targeted for small and medium businesses.

“We’re thrilled to recognize next-generation innovation in the information security marketplace and that’s why Penta Security has earned this award from Cyber Defense Magazine. Some of the best INFOSEC defenses come from these kinds of forward thinking players who think outside of the box,” said Pierluigi Paganini, Editor-in-Chief, Cyber Defense Magazine.

MyDiamo Recognition

Additionally, recognition was given to Penta Security’s MyDiamo, an engine-level encryption software for open source databases. OSS DBs include MySQL, MariaDB, and PerconaDB. From 2013 to present, MyDiamo has been downloaded over 2,000 times. It has become a leading open source database encryption software.

“The recognition of MyDiamo and WAPPLES from Cyber Defense Magazine further validates our company as an innovator. It is a great endorsement, and shows that we can provide quality products for maximum security,” said Duk Soo Kim, Penta Security’s Head of Product Planning.

For more information on Penta Security or Cloudbric web security services please visit www.pentasecurity.com/en and www.cloudbric.com. For potential partnership inquiries, please send an email to info@pentasecurity.com or info@cloudbric.com.

profile

Security Solution Goes Global

A Korean solution provider is now the talk of the town by entering its security solution into 60 countries through its new ‘Dual Licensing’ security solution sales strategy.

Data encryption and web security provider Penta Security Systems Inc. (CEO/Founder Seokwoo Lee, www.pentasecurity.com) announced that MyDiamo, Penta Security’s encryption solution for MySQL and MariaDB, has successfully entered into 60 countries with its dual license (free for personal use but not for commercial use) policy since its release in March last year.

security solution mydiamo

Most Korean IT security companies export to other countries with a sole distributor or an overseas branch office. Penta Security broke this established business model and tried a new sales strategy to reach its customers. Now, the security solution MyDiamo has entered 60 countries, including the United States, China, Russia, Germany, Sweden, Norway, Denmark, and many more in just little over one year.

MyDiamo has been sold to the countries in which Penta Security has not expanded its sales network, and the number of countries that have adopted the encryption solution is the largest among all Penta Security’s products. It also has reached the largest number of countries for Korea’s formidable domestic IT security industry. In all, more than 3,600 total licenses have been downloaded.

MyDiamo, the security solution

MyDiamo is an encryption solution for MySQL and MariaDB, which are the most popular databases with the top market shares. MariaDB is a database developed by Michael Monty Widenius, the founder of MySQL. The number of MariaDB user has rapidly increased due to its improved performance over other open-source DB environments.

MyDiamo secures these popular databases with technology from Penta Security’s data encryption platform D’Amo. MyDiamo provides one-way encryption, index-column partial encryption and column-level encryption using trusted international standard encryption algorithms, such as AES. It complies with PCI-DSS and provides masking features for credit card numbers.

Duksoo Kim, CTO of Penta Security, stated “We could not remain in the small domestic market, so we had to go global. However, it was not easy to export IT security products because there were differences in distribution channels and cultures.” He continued, “Last year, the dual licensing policy we chose instead of existing sales policy has brought us this wonderful and unexpected outcome.” He added, “We are not settling for this, however, and we are preparing various strategies, including cloud computing and on-demand services, to enter the global market.”