• No results found

Gazzang is going gangbusters with key management for MySQL and the cloud

N/A
N/A
Protected

Academic year: 2021

Share "Gazzang is going gangbusters with key management for MySQL and the cloud"

Copied!
5
0
0

Loading.... (view fulltext now)

Full text

(1)

Gazzang is going gangbusters with key

management for MySQL and the cloud

Analyst: Rachel Chalmers Wendy Nather

7 Feb, 2011

Gazzang's first product is 'set and forget' encryption for MySQL databases, but its long-term ambitions are far grander: to make cloud computing enterprise-ready. The company plans to build out from a beachhead as a value-add on top of the free eCryptfs tool to become the default option for transparent data encryption in LAMP and, ultimately, cloud-computing development. To that end, it has designed an innovative new key management system.

The 451 Take

Gazzang provides database encryption and key management for customers who are adopting MySQL in order to comply with (for example) PCI-DSS. That's an enormous market, but it's also a gateway to larger markets: the whole LAMP stack, for example, and even cloud

computing. Gazzang's challenge will be to demonstrate that it adds significant value on top of free tools like eCryptfs. Its Key Storage System is likely to emerge as an important

differentiator.

Context

The Gazzang management team includes president and CEO Larry Warnock, who sold Phurnace Software to BMC; VP of business development and marketing Chris Gillan, formerly of BindView and BMC; and director of development Eddie Garcia, a veteran of AMD, PentaSafe, NetIQ and Perficient. In December 2010, the company raised $3.5m in series A funding from Austin Ventures,

(2)

Strategy

Gazzang identifies the rapid adoption of the LAMP stack as a key opportunity. With the adoption of the LAMP technologies, executives believe, come the private, public and hybrid clouds. The

challenge of cloud adoption is the lack of sophisticated tools to exert control over any

mission-critical code and data entrusted to it. Gazzang's founders believe the biggest technology hole is around data security.

The company's strategy, therefore, is to offer cloud data security through encryption. In the short term, Gazzang will sell what it calls 'practitioner' products. It aims at repeat sales into the same buyers within its installed base. Eventually, the company plans to build these point products out into a high-performance encryption platform that can encompass all elastic and cloud-computing deployments.

Technology

Gazzang's first product is a data-encryption tool for MySQL. The company likes to claim that the world's largest open source database is not secure. It's a bit more complicated than that. Gazzang's ezNcrypt acts as a file system layer between Linux's virtual file system (vfs) and the concrete file systems underneath it (such as ext2/3/4, FS, NFS, XFS and ReiserFS). It uses the eCryptfs module that is native to Linux kernel 2.6.18 and above.

Data is encrypted transparently. That's very important, given that Gazzang will compete primarily with the do-it-yourself approach. Developers say eCryptfs is not very hard to use, but ezNcrypt should make it even simpler. With Gazzang's software, organizations shouldn't need to change their own applications, code or MySQL deployments. Once ezNcrypt is in place, the database should be protected even from its own users. No user – including root – should be able to unlock the data without the key. The MySQL process is the only one authorized to retrieve the key that can unlock the data.

Gazzang's core value proposition lies in its proprietary Key Storage System. As the company explains it, two layers of encryption protect each message that passes between the customer machine and the server. One layer uses asymmetric encryption (https); the other uses symmetric encryption via an industry-standard algorithm such as AES, Blowfish or Twofish. The clever part, the company says, is that messages between the customer machine and the Gazzang server are never encrypted the same way twice.

(3)

Customers

MySQL is a big market. The open source database is downloaded 65,000 times per day, and regulatory regimes like GLBA, HIPAA and PCI-DSS are driving its adoption. Gazzang already boasts over 50 customers spread across education, finance, healthcare and the Web. The 451 Group spoke to Hartford Hospital, which uses ezNcrypt to provide transparent encryption for the MySQL

database that underlies its Health Information Exchange. Hartford is pleased with the results. Look for a forthcoming User Deployment Report on this customer.

However, Gazzang sees a bigger opportunity beyond MySQL in encrypting the whole LAMP stack, and beyond that, the cloud. The ezNcrypt for MySQL product is shipping now. In Q1 or Q2 of 2011, Gazzang plans to ship ezNcrypt for the entire LAMP stack. By mid 2011, the company hopes to ship ezNcrypt for Cloud, including modules for access control, audit logging, key management, the eCryptfs layer, usage metering, configuration security, core encryption, licensing, MySQL user-defined functions and a kernel keyring interface.

Competition

In the symmetric key management world, Gazzang goes up against independent Venafi, EMC security division RSA, Thales e-Security (which acquired enterprise key management pioneer nCipher) and IBM. Thales has, in recent months, looked to cultivate partnerships with encryption vendors to address the need for PCI-DSS compliance and upstream protection of cryptographic keys. Meanwhile, encryption vendors SafeNet and PGP (now part of Symantec) have articulated another take on data security for the cloud, with a strong emphasis on enterprise key management and encryption.

Trend Micro's SecureCloud offering, announced in August 2010, provides very similar functionality; its main difference is that SecureCloud uses block-level encryption, so it's data-agnostic and will handle database files as well as flat files, video and any other kind. Once SecureCloud

authenticates the requesting client and delivers the data, it is decrypted for any and all use on the client side. Gazzang's database-centric encryption restricts decrypting to any but authenticated database users and processes, so the data remains protected even on the client side.

SWOT Analysis

(4)

Gazzang's founders have a thoroughbred pedigree. The company has identified a fast-growing market and has pitched its first product at the practitioners who can become evangelists within an enterprise.

Gazzang must demonstrate exactly how ezNcrypt simplifies the use of eCryptfs. It also needs to educate its market both in how its Key Storage System works and why key management is important.

Opportunities Threats

MySQL is exploding in popularity. The LAMP stack is growing with it, and both are the default choice of agile programmers targeting private, public and hybrid cloud deployment.

The importance of key management for the cloud has not escaped the attention of security giants EMC RSS, Symantec and IBM.

(5)

Reproduced by permission of The 451 Group; © 2014. This report was originally published within 451 Research's Market Insight Service. For additional information on 451 Research or to apply for trial access, go to: www.451research.com

References

Related documents

MS Cloud Services EPM standard modules + configuration best practice EPM standard modules + configuration best practice Enterprise Program Management. Cloud

IT performance management tools are following application workloads to the cloud, giving users lightweight, low-overhead monitoring services for modern distributed workloads.. The

9.2.1 A medical director with a full time commitment to the operation of the ICU and who is a Fellow of the College of Intensive Care Medicine. The medical director must have

If the applicant fails to attend a pre-arranged screening interview without good reason the application should be considered on the material available to the decision maker and, if

Nielsen and colleagues (2012) used the same registers to characterize patients with adult onset schizophrenia (mean age of onset 26.2 years) that were first prescribed

Cloud Consumer Cloud Provider Cloud Service Management Cloud Carrier Cloud Auditor Cloud Consumer Provisioning/ Configuration Portability/ Interoperability Security Audit

■ Using the Cloud Storage Configuration Wizard ■ Using the Disk Pool Configuration Wizard ■ Using the command line for cloud configuration ■ About NetBackup Key Management

Base: 230 IT executives in North America and Europe Source: A commissioned study conducted by Forrester Consulting on behalf of TeamQuest, March 2011. The proportion of