Cloud security you can trust

HP Atalla Cloud Encryption combines powerful data encryption with patented homomorphic split-key encryption technology that increases security by an order of magnitude, protecting keys even when they are in use in the cloud. Through the intuitive management console, it’s easy to encrypt any disk or data storage unit with proven encryption algorithms such as AES-256. Once your data is encrypted, it is safe from hackers, unauthorized access, competitors and other threats. This offering is suitable for public, hybrid and private clouds offered as Infrastructure as a Service and Platform as a Service. You can also create as many appliances or agents as necessary giving you the most secure, convenient and cost-effective solution for protecting your data in the cloud.

  • Trusted, Cloud-Based Key Management − only system available that offers the convenience of cloud-based hosted key management.
  • Install and setup in Minutes − includes a virtual appliance that you can install in minutes.
  • Complete data layer encryption in the Cloud − encrypts the entire data layer including virtual disks, databases, files, distributed storage and more.
  • Scalable, Elastic, Automated and Integrated − virtually no impact on application performance or latency. In addition to a convenient management user interface, we also offer a secure cloud-based API.

Key benefits

  • Robust, standards-based data encryption with a convenient, fast and simple management interface
  • Cloud-ready key management using patented Split-Key Encryption
  • Homomorphic key encryption techniques that protect keys even when they are in use
 

HP Atalla Cloud Encryption for Amazon Web Services

HP Atalla Cloud Encryption for Amazon Web Services combines state of the art data encryption with patented homomorphic split-key encryption to offer the most secure, cost-effective solution for safeguarding your data in Amazon Web Services:


  • Full data layer encryption
  • High Performance, Scalability, and Integration
  • Simple, Cost-Effective Management
  • Patented Key Management Technology
  • Learn more

HP Atalla Cloud Encryption for VMware

HP Atalla Cloud Encryption for VMware combines state of the art data encryption with patented homomorphic split-key encryption to offer the most secure, cost-effective solution for safeguarding data in a private or hybrid VMware based cloud:


  • Full data layer encryption
  • High Performance, Scalability, and Integration
  • Simple, Cost-Effective Management
  • Patented Key Management Technology
  • Learn more

HP Atalla Cloud Encryption Agent

With the HP Atalla Cloud Encryption Agent, customers can encrypt data disks directly on their application (host) server, as well as generate virtual encrypted disks inside regular files in an existing file system. All encryption and decryption takes place locally on the host server for maximum performance.

The HP Atalla Cloud Encryption Agent is in addition to the existing capabilities of creating encrypted disks inline from the HP Atalla Cloud Encryption Virtual Appliance, using highly secure cloud key management technology.

The HP Atalla Cloud Encryption Agent connects to a HP Atalla Cloud Encryption Virtual Appliance deployed in a cloud account. The HP Atalla Cloud Encryption Virtual Appliance safeguards your encryption project’s master key and safely generates encryption keys as needed by the HP Atalla Cloud Encryption Agent. As an additional security measure, the HP Atalla Cloud Encryption Agent is provisioned using a secure API key, which allows it to access its own managed crypto keys, but not the master key itself. Disk encryption procedures takes place locally on the host server that runs the HP Atalla Cloud Encryption Agent, and the disk-encryption keys are split between the HP Atalla Cloud Encryption Virtual Appliance and the HP Atalla Cloud Encryption Virtual Key Management (VKM) service.

 

Patented split-key encryption technology

Only HP Atalla CE uses a split key to encrypt every data object. One part of the key is hosted by HP Atalla, while the second part – the master key – is held by the customer. The result is that customers control their data and do not need to trust anyone else with your keys.


  • Automated Key Management: As part of the split-key encryption technology, HP Atalla generates its keys automatically, for ease of management along with maximum security.
  • Secure, cloud-based key management: HP Atalla Virtual Key Management Service is fully cloud-based with no data center deployment required. Split-key encryption enables HP Atalla to offer the convenience and low cost of cloud-based key management, without compromising security.
  • Patented homomorphic key management: Designed for the highest degree of security against key theft by enabling the keys to be used in their encrypted state. With HP Atalla’s Virtual Key Management Service, your master key is never exposed in the cloud.

Homomorphic key encryption: protecting keys in use

HP Atalla Cloud Encryption implements homomorphic key encryption which enables your application to access the data store without ever exposing the master keys in an unencrypted state.

Each data object is encrypted with a key that has two parts: the master key and the second (“banker”) key. When the application needs to access the data store, the secure virtual appliance combines both parts of the key in a mathematical operation. Ordinarily, this would require both parts of the key to be exposed (unencrypted). With HP Atalla Cloud Encryption, both parts of the key are encrypted before and during their use in the virtual appliance. As a result, the keys are fully encrypted when they are resident in customer cloud account.

The solution encrypts the master key differently for each instance of the secure virtual appliance. So even if the cloud account is breached or attacked, and the encrypted master key is stolen, it can never be used to access customer data.

 

Related products

Related services