Enterprises continue to race to the cloud and other modern platforms, but legacy encryption approaches that were not designed for the cloud, serverless computing and DevOps processes continue to stumble and expose data. Cloud infrastructure providers, such as Amazon, specify a “shared responsibility” model where enterprises are solely responsible for the security and compliance of their data in the cloud. Baffle’s new Cloud Data Protection Platform gives enterprises the ability to weave data-centric security into the service mesh for cloud-native infrastructure while also accelerating the “lift and shift” to cloud and server-less computing.
The Cloud Data Protection Platform, showcased this week at AWS re:Inforce in Boston, June 25-26, dramatically simplifies encryption and delivers data-centric protection tightly integrated for native Amazon RDS (Relational Database Service) environments. An extension of the core solution, it features:
- Industry’s first encryption solution for AWS Lambda Serverless Compute to enable companies to confidently embrace server-less computing models
- Single-click, secure migration to support AWS Database Migration Services (DMS) to automatically protect cloud workloads during lift-and-shift migration of data to AWS RDS
- Field-level encryption with no application changes to use an integrated BaffleShield™ to protect data in the cloud
- Record Level Encryption (RLE) for AWS RDS to enable multi-tenant SaaS providers to protect data in shared data stores with unique keys per data owner
- Data Shredding to help companies comply with GDPR and emerging privacy regulations
- Data Exfiltration Control (DEC) for AWS RDS to prevent sensitive data from being exfiltrated from databases in excessive volumes
- Full AWS Key Management Service (KMS), AWS CloudHSM, and AWS Secrets Manager support to protect and leverage customer-owned and -managed keys in AWS
- Cloud-scale performance and redundancy. The Cloud Data Protection Platform supports elastic load balancers and auto-scale groups to ensure high availability and scaled performance throughput
- Single-click automated deployment to rapidly provision a comprehensive data protection service mesh across availability zones in minutes
“Encryption is broken. It’s outdated, far too complex, and wasn’t designed for cloud and micro-service environments,” said Ameesh Divatia, co-founder and CEO, Baffle. “As enterprises migrate to new platforms, we continue to see customers struggling to protect their data in the cloud to fulfill their portion of the AWS shared responsibility model.”
“Designed specifically to protect cloud data, Cloud Data Protection Platform for AWS is tightly integrated with multiple AWS. With no code changes, integration with DMS, KMS, RDS, and Lambda, single-click secure migration and deployment, it removes much of the backbreaking, tedious, and expensive work often required with legacy encryption systems that ultimately do nothing to protect customers’ data. As part of the Baffle Advanced Data Protection platform, it provides an abstracted control plane for data-centric security for existing enterprise and new cloud and serverless environments.”
Baffle simplifies enterprise encryption. The company’s modern data-centric encryption and advanced data protection solution is designed for distributed and cloud-native environments, DevOps and micro services. Only Baffle protects data at rest, in memory, in the search index and while in use with AES encryption that requires no application rewrites, no key management changes and no business process breakage. Baffle has raised $10.5 million of financing; its investors include True Ventures, Envision Ventures, ServiceNow Ventures [NYSE: NOW], Thomvest Ventures, Engineering Capital, and Industry Ventures.
Look Left Marketing