Vaultive Launches Cloud Data Encryption for Hosted Exchange

Cloud data encryption solution provider Vaultive announced a new product for Hosted Exchange.

The new enterprise-class encryption package enables data-at-rest and data-in-use in cloud environments to be encrypted within the Hosted Microsoft Exchange environment, while enterprise IT retains control over the encryption keys.

“Moving a vital application such as email to a cloud environment has the potential to save an enterprise a significant amount of time, resources and money, but security, data residency, privacy and regulatory compliance concerns are often barriers,” said Steve Coplan, research manager for  451 Research's Enterprise Security Practice. “In order to take advantage of the operational benefits of a cloud-based service without ceding the ability to manage access to data and emails residing on third-party infrastructure, a best practice is to require some mechanism to internally retain controls. Vaultive's approach allows organizations to encrypt data-at-rest in the cloud, while holding the keys to decrypt the data."

Vaultive said data that is processed within its solution is encrypted as it travels over the network. the software uses a proprietary form of 256-bit AES encryption that preserves "certain characteristics of the data" to maintain searchability, as well as sorting, and indexing features, which enables data transfers within the cloud without decrypting the information. As the service is contained within the cloud, there no need for an application or an agent on a user's device, Vaultive said. According to the company, the encryption feature does not impact the usability of data on the end-user's side in any way.

However, the fact that the encryption/decryption happens entirely within the cloud, the solution may be especially appealing to cloud providers as it takes them out of the line of fire as no customer data is directly exposed. Vaultive noted that legal subpoenas will require, for example, the government to directly ask the data owner, as the cloud provider will not be able to provide decrypted data.