Security Firm Sepior Announces the Release of Amazon S3 Plugin for Encrypting Data Using Customer-Owned Keys
Powerful cloud-based key-management-as-a-service (KMaaS) gives Amazon’s public cloud customers an affordable and scalable Bring Your Own Key (BYOK) solution
Aarhus, Denmark (June 12, 2017)
Security vendor Sepior has released a plugin for customers of Amazon’s Simple Storage Service (S3) to control their own encryption. The Java-based plugin allows Amazon’s S3 customers to easily use Sepior’s Key-Management-as-a-Service (KMaaS) cryptographic security with data stored using S3.
Regulatory compliance and privacy protection for healthcare, financial service and retail transactions are increasing the need for encryption. In addition to strict guidelines found in HIPAA, SOX and PCI DSS, the coming European Union General Data Protection Regulation (GDPR) scheduled for 2018 levies heavy punitive fines on companies that suffer data breaches because of unsecured data.
KMaaS is a pure cloud-based service that provides key management with cryptographic security and without requiring trust in any single third party. The service generates random, secure cryptographic keys that are consumed by authorized applications only. Sepior’s solution retains the convenience and scalability of cloud services, while offering security levels as high as those offered by physical gateway-based encryption solutions. The high security comes from the use of multiparty computation (MPC), a cryptographic technology that allows a number of parties to compute using encrypted data. The cryptographic keys are mathematically split in a number of parts which can be stored with different cloud service providers or in different availability zones.
“We chose Amazon S3 for our first native plugin because they have the greatest market share”, said Ahmet Tuncay, Sepior’s CEO. “They host almost twice as much data as the next seven largest providers combined, serve security conscious customers globally, and were early to recognize the value of protecting privacy with customer controlled encryption in their public cloud offerings.”
Amazon S3 supports two different ways for users to encrypt data on the service. Customers can use an Amazon provided master key, which requires that they trust Amazon, or customers can provide their own client side master key, a process known as Bring Your Own Key (BYOK). Security experts recommend BYOK for optimal security, ensuring client side master keys and unencrypted data are never sent to a public cloud, but key management can be a significant burden for many companies. If the keys are lost or otherwise unavailable, the data can’t be unencrypted, and if the key materials are not cryptographic quality, the benefit of encrypting sensitive data may not be fully realized. The advantage of Sepior’s KMaaS is it enables simple and cost effective key management for BYOK schemes – taking the cloud provider out of the security picture, creating a fault-tolerant, trustless, multi-cloud environment with total key immunity against malicious attacks and unwanted surveillance.
Pricing for Sepior’s KMaaS is based on the number of applications encrypted, unlimited number of keys, and starts at $99 per month.
The company offers a free trial for Amazon S3 customers that can be set up in 30 minutes. https://sepport.sepior.net/apply. Additional Sepior plugins are planned for other popular cloud storage services.
Founded in 2014 as a spinout from the University of Aarhus in Denmark, Sepior develops key management solutions for encrypting data on the public cloud. Using patented cryptographic protocols, Sepior’s RSA award-winning team of cryptography experts have developed a practical virtual Key Management Service (KMS) using secure multi-party computation (MPC), a technique for splitting cryptographic keys between different providers that results in distributed trust. As the industry’s first true cloud-native KMS based on MPC, Sepior gives businesses full control over the encryption keys used by their SaaS-providers without relying on any single SaaS-provider, and at SaaS economics.
The company is partially funded by a grant from the European Union’s Horizon 2020 Research and Technology program.