Cryptosoft, ‘Encrypt anything to anywhere’, has announced the launch of its flagship encryption solution as the first dedicated platform built from the ground up to offer scalable encryption for any data type, from any application delivered to any destination.
Cryptosoft has been in development for over 2 years and uses a standards based OpenPGP core to deliver a platform designed to support any on-premises, virtualised, hosted or cloud infrastructure. The solution is currently undergoing full-scale deployment at a major FTSE 100 organisation that had traditionally used disparate and complex point solutions and custom scripts to deliver encryption to applications and business dataflows.
“Encryption is not a new technology however, provisioning encryption as a service has tended to drag behind other market trends such as virtualisation, mobility, hosting and new areas like cloud, “explains Jon Penney, Founder of Cryptosoft. “Cryptosoft is the first platform that is built for modern encryption requirements and not a legacy product trying to fulfil a need it was never designed to meet.”
As MD of Intellect Security Ltd, a major system integrator of traditional encryption tools for enterprise customers for over a decade, Penney saw an emerging problem. “We had requests from clients for cryptography that could be deployed once and used across all areas of their business as a simple add in service. We looked for such a product but nothing existed in the market, so we decided to develop it ourselves based on the needs of thousands of real world encryption customers and the wide variety of use scenarios we have encountered over the years.”
What makes Cryptosoft unique is its ability to scale and handle encryption tasks as a service process while interfacing seamlessly with the world’s leading key management, security policy and DLP platforms including those from PGP, Symantec and others.
“Our customers already have security infrastructure in place and are loathed to have to rip and replace perfectly adequate tools just to add encryption,” explains Penney, “So we have spent considerable effort in ensuring that Cryptosoft integrates with existing management platforms so encryption becomes an added service without impacting on workflow, security management or audited processes.”
For hosting and cloud service providers encryption offers the potential to allay many of the security concerns expressed by customers. However, traditional monolithic approaches are expensive, have problems scaling and are often difficult to implement in a shared environment.
“We built Cryptosoft with the express goal that it can scale so it has full support for virtual servers and load balancing capability,” explains CTO Carl Bourne. “But it is essential from an operational security standpoint that the critical cryptographic keys are still held by the client and not the service provider – this distinction is vital to meet the security requirement for many organisations and this separation between security policy handling, key management and the underlying encryption engine makes Cryptosoft a unique solution.”
The Cryptosoft platform uses the industry standard OpenPGP core but its modular approach allows users to select an alternate engine, including the commercial FIPS approved engine from Symantec. By using standards based HTTP rest API’s, Cryptosoft is compatible with applications from leading vendors including EMC, Microsoft Dynamics, IBM, Oracle, and SAP as well as bespoke development environments.
Cryptosoft is currently working with a top tier managed service provider to offer a pure cloud based version of its platform as well as engaging with several channel partners to deliver its solutions to a wider market.
“We believe that Cryptosoft is the first platform of its kind to build encryption that is suited to current market drivers and by using established technology and open standards, we believe there will be strong demand for the platform from organisations that need encryption but are not prepared to sacrifice current security controls or processes.”
Bob Tarzey, Analyst and Director, Quocirca Ltd comments “Quocirca believes that Cryptosoft is addressing a key problem with data security ensuring the encryption of data throughout a business process, even when multiple third parties are involved. The use of open standards and basing the encryption and key management on the widely used Symantec-PGP technology will be a significant factor to ensuring the success of the new platform.”