PALO ALTO, Calif., June 30, 2020 /PRNewswire/ -- A new
industry-driven approach provides enterprise CIOs and CISOs with a
reliable, easy-to-implement way to protect corporate data
anywhere—putting an end to the ongoing problem of data
insecurity.
Anjuna Security Inc., the enterprise enclaves company, today
announced it has closed a critical gap in data security, using full
hardware-grade protection to enable new and existing applications
to run without modification. Anjuna Enterprise Enclaves extend
hardware runtime data protection to data-at-rest and
data-in-motion, while addressing one of the most vexing flaws in
enterprise data security: Data cannot be used and secured
simultaneously—a flaw at the heart of virtually every enterprise
data breach.
The Problem
While software security solutions offer
some protection, they are ultimately undermined by attackers who
gain full control of servers or encryption keys exposed in memory
during runtime. Encryption keys are central to most data protection
schemes. When exposed, security tools can no longer protect data or
applications from malicious insiders, unauthorized third parties,
and other bad actors, such as rogue nation states.
"Software-based security is inherently flawed, because
data-in-use is fundamentally not secured in memory or the CPU. As a
result, security teams play a never-ending game of cat-and-mouse
with bad actors—building software barriers they know will
eventually be breached," said Ayal
Yogev, CEO and co-founder of Anjuna Security. "This means
CISOs live in a rather uncomfortable perpetual state of data
insecurity."
The Technology to Fix the Flaw
In recent years, such
CPU vendors as Intel (SGX) and AMD (SEV) added proprietary security
features into their high performance CPUs. These enhanced
instruction sets enable programmers to create secure enclaves—fully
protected and encrypted regions of computer memory effectively
invisible outside the enclave. To utilize these facilities,
however, requires rewriting software code.
"These new silicon-level technologies solve the data security
flaw—a great first step to opening up applications we can't even
imagine today," said Yogev. "They finally solve the data insecurity
challenges that have plagued companies, for decades—building
extremely complex layered security software defenses that never
totally eliminate the ever-present threat of incursions."
Broad Industry Support Technology
CPUs with secure
enclave capabilities are already being used in the latest servers
for data centers, and public cloud vendors are also rapidly
adopting the technology. Anjuna is a member of the Confidential
Computing Consortium, a group formed by the largest industry
players to bring this technology to commercial use. Led by
Microsoft, Intel and AMD, the consortium is driving deployment of
new data secure cloud services based on these secure hardware
platforms, such as Azure confidential computing, Baidu, and
more.
Secure Enclaves Made Enterprise-Ready
Even with secure
hardware within reach, enclaving an application is still not a
simple process for enterprises. Proprietary software developer kits
do not generate applications that can run on multiple hardware
platforms. This makes implementing enclaves a time consuming and
expensive process that most enterprises aren't willing to undertake
on their own.
"We knew enterprises couldn't afford to rewrite applications for
each hardware platform, " said Yogev. "That's why we created a way
for them to deploy fully managed enterprise-class enclaves that
span memory, storage, networks and clouds instantly—simply, as is,
and without any recoding."
A New Era of Secure Computing: Anjuna Enterprise Enclaves
Software
According to Yogev, Anjuna sees a future where
enterprises achieve a state of absolute data security for all data
and applications anywhere they are used. This frictionless security
will enable completely new ways to deploy data and applications
more effectively, while allowing enterprises to work more
efficiently with absolute data security.
"Anjuna Enterprise Enclaves deliver on the the promise of a new
level of data security by addressing the problem CIOs and CISOs
have chased for decades: how to seamlessly run trusted workloads in
uncontrolled and/or hostile environments and prevent data leaks—all
while maintaining productivity," said Michael Johnson, former CISO of Capital One
and former CIO of the US Department of Energy. "Now
CISOs can feel comfortable saying yes to the cloud—knowing their
information is secure, no matter where it is run or stored."
Available Now
Anjuna Enterprise Enclaves software is
available now directly from Anjuna and through the Microsoft Azure
confidential computing marketplace.
About Anjuna
Anjuna provides simple secure
enterprise-ready application and data protection that is
invulnerable to malicious software, IT insiders, and bad actors.
With Anjuna, enterprise IT can safely run workloads within the
isolated and encrypted confines of a secure enclave on-site or in
the cloud. Unlike point solutions, Anjuna enables enterprises to
deploy fully managed enterprise-class enclaves that span memory,
storage, networks, and cloud instantly, as is, and without
re-coding. Anjuna is based in Palo Alto,
California.
To learn more, go to www.anjuna.io or email
info@anjuna.io.
View original content to download
multimedia:http://www.prnewswire.com/news-releases/anjuna-closes-long-existing-enterprise-data-security-gap-301085591.html
SOURCE Anjuna Security, Inc