Cloud computing and Bring Your Own Device (BYOD) are inarguably two of the hottest trends in high tech today. These enabling technologies increase productivity but they also present corporations and consumers with significant security, privacy and manageability challenges.
A new software service from nCrypted Cloud, a Boston-based startup, secures and encrypts cloud-based data in a straightforward, easy-to-use and affordable manner.
nCrypted Cloud encrypts data from recognized cloud services like Dropbox, Google Drive and Microsoft’s SkyDrive. nCrypted Cloud comes in three versions: a basic Consumer version which is free; a Consumer Pro version and an Enterprise edition aimed at corporate users.
Founded in July 2012 by security experts, Nicholas Stamos and Igor Odnovorov, nCrypted Cloud enables users to access and share data securely regardless of geographic location and across various security domains. At the same time, corporations, their end users and consumer users retain the ability to control who has access to their data.
Nick Stamos, nCrypted Cloud’s co-founder and chief executive says that IT must face the fact that services like Dropbox have already penetrated 95% of the Fortune 500 companies. In most cases though, the service isn’t actually sanctioned by IT, but rather brought in by individual employees, which many refer to as Shadow IT. “Cloud storage providers such as Dropbox are here to stay, and will exist in our personal and corporate lives with data being intermingled. Best to accept this reality, and address the issue by thinking out of the box.” Stamos says. “nCrypted Cloud was created to protect the privacy of personal and corporate data, with its unique patent pending approach. Easy enough for a consumer to use, but built with the features needed to comply with HIPAA, PCI/PII, ITAR and IP Protection requirements as well as their overall corporate data governance.”
Security is an Essential for Cloud, BYOD and Mobility
nCyrpted Cloud does what its name suggests: delivers the crucial security component often lacking in BYOD and cloud-based services. The corporate workforce is increasingly mobile; whether traveling for business, telecommuting or simply accessing the corporate data network in off-peak hours, there is no such thing as “after-hours.” And the lines between corporate and personal information have blurred to indistinction. BYOD usage also is rapidly proliferating. But as with so many other technologies, the security and data privacy component lags far behind.
ITIC’s 2012-2013 BYOD Deployment and Usage Trends Survey, which polled 500+ users from September through December found that nearly two-thirds – 62% – of corporate survey participants allow workers to use personal devices like tablets, smart phones and portable/lightweight laptops for business use and to access corporate data. However, 71% of the respondents indicated that their firms have no specific security policies and procedures in place to support BYOD deployments. Only 13% of survey participants said their companies were proactively monitoring and security BYOD deployments. This despite the fact that 47% of those polled said they were concerned about the potential security threat posed by the use of BYOD devices in workplace.
nCrypted Cloud safeguards data from external hackers and affords companies and their knowledge workers the holy grail of internal data security: separation of the corporation’s intellectual property (IP) from the employee’s personal data and files.
The swift adoption of BYOD devices in the workplace has been a convenience and a curse. It saves organizations money and lets workers use their familiar devices. But it also raises security concerns and poses potential risks for both parties. nCrypted Cloud solves these issues by enabling end users to apply privacy controls to distinguish their personal data from the company’s corporate data. At the same time, the corporate security IT managers can apply the appropriate enterprise security policies and procedures to safeguard the company’s intellectual property (IP) across the enterprise and on various BYOD and mobile devices.
This nCrypted Cloud capability overcomes the thorny issue of what happens when an employee leaves a company either of their own volition or through a workforce reduction or firing. Oftentimes, even when the parting is amicable, the business still opts to immediately cut off access, leaving the former worker in the lurch if they can no longer access their personal files and data. Corporations also have real concerns about safeguarding their sensitive IP in the event of unintentional leaks or deliberate malicious actions on the part of a disgruntled employee.
“nCyrpted Cloud ensures that the personal data is separated from the corporate IP. Both the employer and the employee have the ability to revoke access to corporate data residing on a personal device and pull back personal data from a corporate device. So it’s a win-win for all parties and doesn’t compromise anyone’s security,” Stamos says.
nCrypted Cloud provides persistent client-side encryption which guarantees data security by verifying the user’s specific and pre-defined access policies and sharing status; user ID keys are sent directly to the device. The client then caches keys for offline access to files; the keys can be removed or revoked if and when the access policies change. nCrypted is also non-disruptive. Users can easily access and share files across multiple and existing cloud-based storage services using a single-pane view of cloud and corporate file repositories.
The time is now for nCrypted Cloud
“A product like this [nCrypted Cloud] was inevitable, according to Andrew Baker, president of Brainwave Consulting, an IT datacenter and security deployment consultancy in Gassaway, West Virginia. Baker has more than 20 years experience as an IT security manager with companies like Bear Stearns, Time Warner Music and Send Word Now.
“The message to anyone who uses cloud services is: users secure yourselves or suffer the consequences,” Baker says. “It’s only a matter of time before data in cloud services like DropBox, Microsoft’s SkyDrive, Google Drive and other data gets exposed.”
Baker observes that a quick look at the security breaches of the last 18 months indicates that “they’re hitting a lot closer to home.”
Hacks are no longer relegated to banks, money and credit card fraud. Personal and professional sites like LinkedIn, DropBox, Scribd and others have all been compromised. “These are things that people use and see on a daily basis; the security breaches are and will continue to get more personal in terms of intellectual property or gaining access to an asset,” Baker says.
The attacks occur because passwords are shared; hackers can break into one service or site and gain access to another. “The mindset of the hackers has changed and the mindset of the potential victims is also aligning with the new reality – albeit somewhat more slowly,” Baker says.
Baker likes nCrypted’s concept of centralized straightforward management and security.
“As an IT security professional one of the first things I look for is centralized management and the flexibility to set up rules. And when it comes to BYOD, you absolutely need flexibility for both the end user’s personal data as well as the corporate data – I don’t want the two disparate data types co-mingling, so this aspect of nCrypted Cloud’s functionality is practical and appealing,” Baker notes, adding, “Corporations and consumers need more tools like this as their cloud and BYOD usage increases. If I have to deploy something manually to even five machines it’s definitely worth it for me to automate the process.”
Pricing is another important consideration.
nCrypted Cloud is available in three (3) versions. The basic consumer version is available for free download at the company’s Website. The Consumer Pro version lists for $5 per month; it incorporates managed secure sharing, some file auditing, and the capability to manage files stored in disparate cloud services. The Enterprise Edition – which is already being used in beta trials by several potential customers — retails for $10 per user/per month. It includes all of the capabilities of the other versions and also supports additional features like centralized management provisioning, multiple identities, policy control and a full audit trail of 30-day archives.
Brainwave Consulting’s Baker says some businesses could initially balk at the $10 monthly service charge for each user. However, he believes that the benefits of securing the cloud based information across the enterprise and BYOD and mobile devices more than justify the capital expenditure outlay.
A company that purchases nCrypted Cloud for one thousand users would pay a list price of $120,000 (US dollars) for a year – before volume discount.
“Even the full list price of $120,000 isn’t too bad for encrypted cloud storage,” Baker says. “In fact, three cloud storage breaches from looks like a very good deal when you consider the alternative: lost or stolen data and IP, damage to the company’s reputation and the risk of litigation. People who have misgivings about paying the price, will have fewer qualms about pricing as they hear about more hacks. At that point it will look like a very good deal,” he adds.
It’s also true that few firms pay full list price. Discounted or street pricing varies by customer and volume. However, street pricing typically ranges from 20% to 50% and ITIC has heard of early nCrypted Cloud customers who have already received hefty discounts for early adoption.
For more information or to get a free 30-day trial of nCyrpted Cloud go to: http://www.nCryptedcloud.com.