Cloud Encryption Security Broker

on 27 Nov 2018

I don’t like the Gartner IT Glossary. Take, for example, their weird definition of Connection: “A unique, active service access point to a network. This includes machine-to-machine access as well as human access. In mobile networks, this may be taken to refer to an active subscriber identity module (SIM). A single subscriber may operate several different cellular connections and multiple connections may be associated with one customer or one mobile device.”

This awful and inaccurate sentence wins my award for the single worst technical definition of a general concept that has ever been written. In fact, it is so bad that I just started creating my own new glossary. I promise to let you know when it’s done. In the meantime, please refer to something else, anything else, to find a reasonable definition of technical concepts. I suspect that any random Dilbert cartoon might supply better definitions – and I mean that.

Now that I’ve offered my little preamble, let me say that I’m going to coin a new term here in a Gartner-esque manner, and it was prompted by a recent technical review with a fine Canadian cyber security start-up called Cord3. Founded by a small team of encryption experts with National Defense backgrounds, the company explained their solution to me – and after listening and thinking . . . I got excited. Here is what I learned:

“We provide our customers with a transparent, data-centric security capability,” explained Kevin Rankin, CEO of Cord3. “The solution involves symmetric encryption implemented as a transparent overlay, to protect data-at-rest stored either on-premise or in cloud. For cloud computing, we provide a proxy-based function that ensures end-to-end protection for data, regardless of where it is stored or used.”

Rankin explained that the use-cases Cord3 supports today include protection of Microsoft Exchange email assets such as Office 365 in the Microsoft cloud, and protection of files stored locally or remotely. “We selected these use-cases based on discussions with our initial customers,” Rankin explained – and I had to agree that the business prospects for encryption of email would be particularly attractive to paying customers.

When I asked Rankin how these use-cases might generalize to a variety of emerging virtual enterprise architectures, things got interesting fast. We agreed during the discussion that a “man-in-the-middle” solution offering encryption services between users and their data, regardless of the logical or physical infrastructure, was a concept best represented by the term Cloud Encryption Security Broker, or CESB.

Despite the adjacency to bad Gartner acronyms, I had to admit that the term made good sense, and I agreed to provide a glossary definition here: “A CESB provides transport-oriented, man-in-the-middle encryption to ensure end-to-end protection for data accessed locally or remotely.” This definition (which I’ll include in my new glossary) helps to explain precisely what Cord3 does for Exchange, Office 365, and unstructured files. 

“Our value proposition is that we keep the responsibility for protecting data – and this includes management of cryptographic keys – in the hands of the owner,” Rankin explained. “For any enterprise users who choose not to trust their data to the cloud, we are a great option.” I agree with his assessment, and this will become a more powerful statement as the company expands its use-cases to additional local and cloud computing options.

If you are presently running Exchange servers in your local enterprise, or if you would like to create an end-to-end data protection offering for Office 365 or unstructured files on your LAN or in the cloud, then please give Kevin Rankin and his team at Cord3 a call. I suspect you’ll find that his aggressive team can provide you with a significant improvement on your existing data protection solution.

Oh, and by the way, here is a much-improved definition of Connection – one that I will offer for free to my glossary-challenged competitors at Gartner: “A connection is any relation between two or more logically or physically separate entities established to accomplish some purposeful mission.” Now that’s something you can include in a technically accurate glossary. Let’s see if they decide to make the edit.