Security

Unrivalled protection for data in the cloud. Protected from internal and external threats in transport as well as at rest

Security

If the multi-cloud enablement features of Orchesto establish the first set of tools to empower the transition to true multi-cloud, then the multi-cloud orchestration tools enable an optimal setup at all times. However, what is currently slowing down the transition to cloud based solutions the most, is the lack of end-to-end security and ability to secure cloud data. Orchesto provides not one solution to this but a whole set of unique security features to allow companies and organizations to overcome this most important hurdle to increased cloud deployments.

The most basic security feature of Orchesto is the identity and access management (IAM) solution. This feature provides a granular level of control over system resources providing the control to allow access and permit usage of data. The Orchesto IAM feature mirrors the implementation done by AWS. In addition to internal resource control, TLS 1.2+ protocol is used to secure data when in transport. These two basic data security features of Orchesto provide a high level of protection against intrusion when transporting data as well as when storing data. 

To further enhance the security of data in cloud designs, Orchesto provides gateway side encryption support. This ensures that data is protected by encryption all the way from customer premises to and including any cloud deployment. By use of gateway side encryption, the security perimeter of the company is extended to include all cloud service suppliers connected to Orchesto.

In this setup, data is encrypted at the immediate proximity to where customer data is generated. Data is encrypted in transport and at rest in the cloud. The Orchesto gateway side encryption is pre-integrated with a Key Management System (KMS) where customers own and manage their own sets of keys. Orchesto is in this way empowering customers to be in complete and sovereign control over how their data is secured.

When using the Orchesto Fort there is also support for the definition and configuration of immutable buckets as well as versioning to provide data protection for external as well as internal threats and errors.  Making the bucket immutable secures that no object version will be deleted without data owner’s permission.

On top of protecting data from unauthorised access, interception and/or faulty handling of any sort, Orchesto is capable of further protecting data by dispersing it across multiple clouds. Data is dispersed using the unique Zebware Information Dispersal Algorithm (zIDA). When activated, zIDA transforms a data object into fragments which are then dispersed to different clouds. This procedure makes it practically impossible to retrieve the original data from any other place than the original source.

Adding zIDA on top of the other Orchesto security features, such as gateway side encryption, TLS, IAM and configuration of immutable buckets, completes the comprehensive set of security functionality offered by Orchesto. This set effectively reduces the risk for and mitigates the impact of data loss and data breach.

Functionality under Security

Orchesto Fort

Securing data all the way and always by separating data owner and application owner rights

Read more

Identity and Access Management

Manage access to your resources securely with IAM.

Read more

Gateway Side Encryption

Encrypt objects before it even leaves your network.

Read more

zIDA

Disperse your data for maximum security with the zIDA patented algorithm.

Read more

Learn more about the other cornerstones of Orchesto

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form. Maybe you have content blocking turned on.
Zebware
© 2019 Zebware AB. All Rights Reserved. All trademarks and registered trademarks are the property of their respective owners.

This site uses cookies to assist us with analyzing your use of our website and provide content from third parties.