Securing Data in the Cloud & Hosted Environments

    This post was written by Chris Gillan, Co-Founder of Gazzang, Inc., a Rackspace Tools Partner.

    A friend of mine, the CEO of a small ASP software company, hired a consultant to come in and tweak a few things on a MySQL database. The consultant was in and out in a day, database performance was back to normal, and all was well. Until…two days later, when his phone rang. The voice on the other end was his archrival competitor. “John, I just wanted you to know that the consultant who was in your shop last week stole your entire database, and just offered to sell it to me.”

    That’s a call you DON’T want to get. My friend had used a MySQL database for his application because it was scalable and cost effective, but he knew security might be a concern. His team had hacked together an encryption solution, but apparently it didn’t offer protection from root access, which he had given to the consultant for the day.

    We hear these stories time and time again. There’s always a new twist, but the core challenge remains the same: there is no transparent data encryption (TDE) built in to MySQL. The solutions assembled by most folks don’t include protection from root access administrators, and encryption key management is a nightmare. Add to that the fines and other ramifications of not complying with HIPAA or PCI standards and you’ve got a real challenge on your hands.

    Enter… Gazzang ezNcrypt for MySQL.

    While our patent-pending product suite spans the cloud, our first focus is on the most insidious inhibitor of full enterprise-wide cloud computing adoption: data security for MySQL. According to an October 2010 report by Forrester Research, security issues are the “most prominent reasons organizations cite for not adopting cloud services.” And our customer research shows that open source applications in particular are among the most vulnerable.

    Protecting data at rest, starting with MySQL

    The core of the ezNcrypt product suite is transparent data encryption (TDE). Once reserved for expensive and difficult to implement commercial databases, Gazzang brings this critical functionality to software that secures the world’s fastest-growing — and highly vulnerable — open source database: MySQL.

    Gazzang ezNcrypt solves the problem of protecting data at rest with encryption at the database, table and table space level for MySQL, and also encrypts databases on both hard drive and backup media regardless of location — cloud, hosted solution, you name it. Companies have the ability to:

  • Enable encryption in real-time, without making changes to applications or databases
  • Chose the data you want to encrypt
  • “Install and encrypt” instantly with a true plug-and-play software that you control
  • The “key” to secure data

    Data encryption is one thing, but without an effective key system, it’s essentially useless. The success — and security — of a company’s data encryption operation depends on an impenetrable key, and that’s where Gazzang excels.

    Our Key Storage System (KSS), which is exclusively available with Gazzang ezNcrypt Standard and Enterprise versions, is a proprietary, back-end platform for reliable, secure, enterprise-class encryption key management that is specifically designed to meet the most stringent compliance requirements.

    It is Gazzang’s transparent data encryption technology, an unparalleled key management system, simple implementation, and “set and forget” design that combines to give companies a comprehensive tool for complete data-at-rest security and preservation of MySQL data.

    Visit Gazang’s partner page for more information about Gazzang ezNcrypt.

    Rack Blogger is our catchall blog byline, subbed in when a Racker author moves on, or used when we publish a guest post. You can email Rack Blogger at


    Please enter your comment!
    Please enter your name here