Porticor®, a leading cloud data security company delivering the only cloud-based key management and data encryption solution that infuses trust into the cloud and keeps cloud data confidential, today announced growing customer traction in the healthcare industry due to its innovative solution enabling health organizations to secure cloud-based Protected Health Information (PHI) and helping them meet HIPAA and Safe Harbor compliance.
The Porticor Virtual Private Data (VPD) platform is a cloud key management and encryption solution that delivers the healthcare industry’s most secure cloud encryption key management by enabling health organizations to securely maintain control of their own encryption keys. Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, Porticor’s split-key encryption and homomorphic key management system is offered as the industry’s first cloud data protection service of its kind, delivering true confidentiality of data in cloud, virtual and hybrid environments by ensuring encryption keys are never exposed.
“HIPAA requires us to protect data at rest and in motion,” said Kathleen Sidenblad, VP of Engineering at Amplify Health, LLC, of San Francisco. “We have found Porticor’s cloud data security and performance to be very good. Managing our own data encryption keys is important to us and Porticor lets us do that. We take security very seriously, and other solutions don’t allow us to easily control our own keys.”
Over the years, a variety of factors have led to an increase in healthcare organizations embracing cloud computing, including the need to do more with less money and the need to leverage data analytics to drive better care and reduce costs. Today many health apps such as EMR/EHRs are now cloud based, giving health workers computing resources available on demand, and allowing for scalable implementations, high availability and faster rollout of services.
“Porticor offers a unique blend of technical, cloud, key management and affordability features,” said Christine Sublett, President of Sublett Consulting, a Porticor partner and HIPAA compliance expert assisting healthcare and technology companies with security, privacy and compliance issues. “The price point is reasonable, and their key management technology is superior to anything else we explored. Prior to Porticor we had to manage our own encryption keys, and it was something we didn’t do well.”
Integrating with major players such as HP, AWS and VMware, Porticor provides the industry’s only software-defined, automated solution that uniquely eliminates the need for cumbersome, non-scalable, and expensive hardware security modules for the cloud. Uniquely combining data encryption with patented split-key encryption and homomorphic key management technologies, Porticor protects critical data in public, private and hybrid cloud environments. It provides the strong security needed for healthcare compliance in a convenient, cost-effective, fully cloud-based solution.
“The cloud is no less secure inherently than a traditional data center, and of primary concern from a logical standpoint would be encryption of data in the cloud,” said Sublett. “There are two places where I see Porticor out in front of the competition. First, its key management solution is truly elegant. Key management is an ongoing challenge for companies, and Porticor’s homomorphic key management solution solves this problem. Porticor’s solution also has implications for an organization that wishes to utilize the protections afforded it under Safe Harbor.”
“In the event of a security incident that is a suspected breach, and if the healthcare company is utilizing Porticor’s API application-level integration for data encryption, there is a reasonable likelihood that, after performing a breach risk assessment, they could make the determination that there is a low probability that the PHI has been compromised and thereby claim safe harbor,” Sublett continued. “This means that the onus of reporting a breach is largely ameliorated, with fines and reputation loss avoided.”
While other solutions require encryption keys to be manually managed for every disk, distributed storage or database record, or to be owned by a cloud provider, Porticor’s homomorphic split-key encryption technology eliminates both complexity and compromises. Porticor restores key ownership to customers while automatically managing customer encryption keys with maximum security. With homomorphic key management, the keys are protected at all times even while they are in use. Porticor protects the entire data layer stack, including virtual disks, distributed storage, databases, and applications. It dynamically encrypts and decrypts virtual data whenever the application needs access, and delivers a key management system that is fully hosted in the cloud, yet offers the confidentiality, security and trust of a system that is hosted inside the datacenter. Within minutes, customers can encrypt their entire data layer with the proven AES 256-bit encryption algorithm.
Porticor (porticor.com) is the leading cloud security company delivering easy-to-use and scalable security solutions for cloud data encryption and key management. The Porticor Virtual Private Data™ (VPD) system is the industry’s first solution combining data encryption with patented split-key encryption and homomorphic key management to protect critical data in public, private and hybrid cloud environments. Using breakthrough split-key encryption and homomorphic key management, the Porticor VPD is the only system available that offers the ease-of-use of cloud-based key management without sacrificing trust. Porticor is an Amazon Web Services Technology Partner, a VMware Technology Alliance Partner, an HP technology partner, and supports other clouds. The company is headquartered in Tel Aviv, Israel, with offices in Silicon Valley, and is venture backed.
Porticor®, Porticor Virtual Private Data™, Porticor Virtual Key Management™, PVKM™ and Porticor VPD™ are trademarks of Porticor. Copyright© Porticor 2014. All other products and/or services referenced are trademarks of their respective companies.