If the multi-cloud enablement features of Orchesto establish the first set of tools to empower the transition to true multi-cloud, then the multi-cloud orchestration tools enable an optimal setup at all times. However, what is currently slowing down the transition to cloud based solutions the most, is the lack of end-to-end security and ability to secure cloud data. Orchesto provides not one solution to this but a whole set of unique security features to allow companies and organizations to overcome this most important hurdle to increased cloud deployments.
The most basic security feature of Orchesto is the identity and access management (IAM) solution. This feature provides a granular level of control over system resources providing the control to allow access and permit usage of data. The Orchesto IAM feature mirrors the implementation done by AWS. In addition to internal resource control, TLS 1.2+ protocol is used to secure data when in transport. These two basic data security features of Orchesto provide a high level of protection against intrusion when transporting data as well as when storing data.
To further enhance the security of data in cloud designs, Orchesto provides gateway side encryption support. This ensures that data is protected by encryption all the way from customer premises to and including any cloud deployment. By use of gateway side encryption, the security perimeter of the company is extended to include all cloud service suppliers connected to Orchesto.
In this setup, data is encrypted at the immediate proximity to where customer data is generated. Data is encrypted in transport and at rest in the cloud. The Orchesto gateway side encryption is pre-integrated with a Key Management System (KMS) where customers own and manage their own sets of keys. Orchesto is in this way empowering customers to be in complete and sovereign control over how their data is secured.
When using the Orchesto Fort there is also support for the definition and configuration of immutable buckets as well as versioning to provide data protection for external as well as internal threats and errors. Making the bucket immutable secures that no object version will be deleted without data owner’s permission.
On top of protecting data from unauthorised access, interception and/or faulty handling of any sort, Orchesto is capable of further protecting data by dispersing it across multiple clouds. Data is dispersed using the unique Zebware Information Dispersal Algorithm (zIDA). When activated, zIDA transforms a data object into fragments which are then dispersed to different clouds. This procedure makes it practically impossible to retrieve the original data from any other place than the original source.
Adding zIDA on top of the other Orchesto security features, such as gateway side encryption, TLS, IAM and configuration of immutable buckets, completes the comprehensive set of security functionality offered by Orchesto. This set effectively reduces the risk for and mitigates the impact of data loss and data breach.
Functionality under Security
Orchesto-Fort is the secure and protected hybrid cloud storage bucket.Read more
Add an additional layer of protection to your data and recover from unintended user actions and application failures.Read more
Orchesto Immutable Buckets
Secure the integrity of your data at any time by safeguarding it from being altered or deleted with the Orchesto immutable bucket configuration.Read more
Orchesto Identity and Access Management
Manage access to your resources securely with IAM.Read more
Orchesto Cloud Encrypt
Encrypt objects before it even leaves your network.Read more
Disperse your data for maximum security with the zIDA patented algorithm.Read more