One of the benefits of cloud applications is that, just like magic, they allow organizations to forget about updating software, storing data and all the other important but non-core parts of running an enterprise IT organization. All that sounds fantastic, right? Well yes, but what happens if you’re an organization that works in a heavily regulated industry and needs to keep data on-premises? Or what if you’ve got a bunch of legacy storage assets that you want to keep milking some value from?
Until now your decisions were largely binary – either go cloud, or go home. Sure companies like Egnyte do an awesome job of delivering hybrid file synchronization and collaboration, but for more cloud-centric applications, your options were limited. Cloud security company (actually, cloud security is something of a misnomer as this article will show) Bitglass want to change all that. The company, founded only a year or so ago, has already made good progress delivering data protection solutions for enterprises. Now they want to broaden that by giving enterprises a double helping of choice.
Bitglass’ new solution allows enterprises to use their favorite “cloud” apps like Salesforce and Box, all the while storing their data in an encrypted manner in their own private infrastructure. Sound weird? Well yes, kind of, but it’s also something that lots of enterprises have been asking for. It’s the reason that Marc Benioff famously stood on stage with HP CEO Meg Whitman late last year to announce that Salesforce was building HP their own private infrastructure to host a dedicated Salesforce instance. It was more complex than that, and Salesforce still maintains the kit, but in essence it gives HP total isolation from all other Salesforce customers.
So how does Bitglass tackle this problem? The new solution intermediates connections between users and cloud apps. Application data is stored encrypted in the enterprise’s private cloud rather than in the application itself and the data is dynamically decrypted and folded into the application during use. In a win/win situation, this strategy combines the security of data stored in a private cloud with the usability of popular public-cloud applications. Of course it means enterprises need to manage their own on-premises storage again but hey, if that’s what the customers want… Customers can even chose which fields within the cloud application need to be encrypted. In an interim option, Bitglass also lets customers store their data within the application, but in an encrypted manner. All encryption (on-premises or cloud) uses AES AES +0.66% 256-bit encryption.
Some would suggest this is a Frankenstienian mashup of two diametrically opposed ways of doing technology. Others feel it’s an ultimately pragmatic approach to solving complex problems. Which perspective you take on this offering largely depends upon which end of the enterprise IT spectrum you sit…