June 20, 2012 – Business Wire Press Release
At GigaOM Structure 2012, Gazzang today announced Gazzang zTrustee™, a universal key manager that stores and manages all cryptographic keys, certificates, configuration files, tokens and any other “opaque objects” an enterprise maintains to secure its most sensitive data. The new SaaS solution was driven largely by feedback from customers who wanted to extend the reach of the Gazzang zNcrypt™ Key Storage System to manage other important IT objects alongside their Gazzang keys.
SaaS, cloud and big data initiatives are driving increased interest in encryption as a best practice for securing data across highly distributed, hybrid IT environments. But protecting data has just as much to do with proper key management and access control policies as it does the encryption algorithm itself.
Gazzang zTrustee is built on the premise that all keys and other important information objects should be encrypted, secured and governed by a robust set of policies established by IT organizations, not cloud or SaaS providers. This helps restrict access to sensitive data and ensures compliance with regulatory mandates. zTrustee expands beyond offerings from hardware security module (HSM) providers that are expensive, hard to program, limited by the variety of objects they can support and store, and incompatible with most cloud computing environments.
“The growing number of virtual images, cloud instances, servers, mobile devices and other connected systems in the enterprise has created an explosion of keys, certificates and other information objects,” said Scott Crawford, managing research director at Enterprise Management Associates. “Getting this ‘key sprawl’ under control requires organizations to take a more holistic approach to the storage, management, tracking and access policies associated with those objects.”
How It Works
Gazzang zTrustee is a virtual security vault for your most important opaque objects. Below is an example of how a cryptographic key is stored and retrieved in zTrustee:
- A client (a process or device) deposits a cryptographic key or any opaque object into a secure zTrustee server.
- The client assigns a policy or policies governing access to that specific deposit.
- When a retrieval request is made, the client requests access from the server.
- The server enforces the access policies by notifying designated “trustees” (a person or process), who vote to authorize or deny access to that deposit. The voting is conducted through an easy-to-use web interface, and at no time does the trustee have knowledge of, nor access to, the contents of the deposit.
- A thorough audit log is maintained throughout the entire process.
For additional use cases, download a copy of the Gazzang zTrustee data sheet.
“Device proliferation, cloud computing, key sprawl and the lack of policies and control around those keys, has turned cloud IT security into a virtual ‘wild west,’ with little structure or order,” said Larry Warnock, president and CEO of Gazzang. “Customers around the world, in various industries, trust Gazzang to protect their cryptographic keys. With the launch of zTrustee, we are extending that expertise to secure all keys and other information objects that act as gatekeepers for your sensitive data.”
Gazzang zTrustee will be available worldwide in early July 2012. For more information, visit www.gazzang.com/products/ztrustee.
Gazzang provides data security solutions and operational diagnostics that help enterprises protect sensitive information and maintain performance in cloud environments. Gazzang is backed by Austin Ventures and Silver Creek Ventures. For more information, visit www.gazzang.com.