AFORE Solutions’ goal has been to provide not only data at rest encryption but also data in motion encryption at all levels of the cloud stack, such that not even the cloud providers can see or change your data. This level of confidentiality does not exist within existing public or private clouds without a little help. AFORE Solutions started with SecureVSA, which provided encryption at rest but had the limitation of requiring the cloud providers to be involved in the process. Now, they have two new products that provide data at rest (and in motion) encryption without the cloud providers being in the know. Actually, the cloud providers do not need to do anything. This is a big win, in my opinion, as if you encrypt data, no one but those with that ability should be able to decrypt the data.  The new additions are targeted towards Desktop as a Service but will apply to other types of workloads.

SecureVM provides the ability to encrypt the boot volumes and other volumes of the virtual machine hosted within a public cloud. If the boot volume is encrypted, authentication is required to boot the virtual machine. If the other volumes are encrypted, authentication is required to unlock them. Not only that, but everything builds on each other; one of the requirements to unlock a volume could be that the virtual machine reside within SecureVSA, or even that the boot volume is encrypted with SecureVM.

SecureFILE provides encryption of data at the file level accessed either by a specific application or directly. If you do not have the proper credentials, user, and other attributes, which include the use of the proper application booted from a VM using SecureVM or accessed through SecureAPP, the data will not be available for use.

What AFORE Solutions has done is added security to the access of data by wrapping the data with a security context that can be simple or as complex as needed. The target for these new encryption tools is Desktop as a Service running Windows, as SecureAPP works predominately with Windows applications today. We have needed a more robust security context for data stored in clouds, and these tools add to our existing toolbox.

For more information, read the press release.

Share this Article:

Share Button
Edward Haletky (371 Posts)

Edward L. Haletky, aka Texiwill, is the author of VMware vSphere(TM) and Virtual Infrastructure Security: Securing the Virtual Environment as well as VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers, 2nd Edition. Edward owns AstroArch Consulting, Inc., providing virtualization, security, network consulting and development and The Virtualization Practice where he is also an Analyst. Edward is the Moderator and Host of the Virtualization Security Podcast as well as a guru and moderator for the VMware Communities Forums, providing answers to security and configuration questions. Edward is working on new books on Virtualization.

[All Papers/Publications...]

Connect with Edward Haletky:


Related Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *


four − 2 =