Security "Bits"

Full-strength, searchable cloud encryption

By Rich Campagna | July 8, 2015 at 5:30 AM

I'm excited to announce that Bitglass has been awarded US Patent 9,047,480, which covers searchable full-strength 256-bit AES encryption for cloud applications. Cloud encryption? How is that news - haven't we been able to encrypt data in cloud applications for a couple of years now? Well, yes and no...

The biggest challenge with encrypting cloud data is doing so while maintaining the functionality of the application itself. After all, if data is encrypted, the application can't read the data and therefore can't do anything with the data. Search is the most commonly cited function that typically breaks when data is encrypted. For example, let's say I encrypt the first name, Pravin, before storing in a cloud application. I later go to the application and search for Pravin. This search will fail because the cloud app doesn't know about "Pravin," it only has access to the ciphertext that was stored in place of Pravin. 

The search problem has previously been solved by limiting the strength of the cryptographic algorithm. The question is, why bother encrypting if you use weak schemes that can easily be cracked? The Bitglass engineering team struggled with this question for a long time. 

After months of effort, we finally came up with a way to let you have your cake and eat it too - full-strength crypto AND search. Not only is our unique, split-index approach patented, but it's already commercially available in the Bitglass Cloud Access Security BrokerThis innovation combines the trusted security of a private cloud with the flexibility of public cloud applications. So you can safely enable the cloud applications your organization needs - apps like Office 365, Salesforce, Box, and ServiceNow. 

BTW, we're holding a webinar, Is Cloud Encryption Right for You?, on July 16th. We'll cover the pros and cons of encryption data in the cloud, in order to help you make a balanced decision on whether it is a path your organization should follow. Sign up here.



see all