MCLEAN, VA -- (Marketwired) -- 06/04/14 -- Perspecsys, the leader in enterprise cloud data protection, announced today that it received a written ruling from the U.S. Department of State's Directorate of Defense Trade Controls (DDTC) confirming that technical data secured using Perspecsys tokenization can be processed outside the U.S. through the cloud without obtaining an export license under the International Traffic in Arms Regulations (ITAR).
In its groundbreaking decision, DDTC reinterpreted the ITAR to authorize the use of Perspecsys tokenization to process ITAR technical data in the cloud without a license, even where the tokenized technical data may be transferred to servers located outside the United States. DDTC's new interpretation shifts the regulatory landscape -- opening the cloud to companies subject to the ITAR.
In the past, organizations had explored the use of encryption to secure ITAR-controlled data in the cloud. While more secure than plain text, encryption failed to materialize as a viable cloud computing solution for companies subject to ITAR. Encryption presents a fundamental security concern because encrypted data on the cloud can be decrypted and exposed through the use of a key or mathematical derivation.
Perspecsys tokenization differs significantly from encryption, as there is no cipher algorithm to mathematically transform tokenized data back to its clear text. Implementing Perspecsys' tokenization solution means that clear text ITAR data stays within the owner's secured network and never leaves the owner's control in any format -- providing maximum security and compliance.
"We're no strangers to regulations and compliance and have worked to help companies in regulated industries around the globe utilize the cloud without violations," said David Canellos, president and CEO, Perspecsys. "We took the initiative to approach DDTC with the proposition that Perspecsys' tokenization cloud solution would satisfy ITAR requirements. The DDTC ruling that our tokenization product will not require an ITAR license is not only validation for Perspecsys, but a complete game changer for ITAR-governed companies who were previously unable to work how they wanted -- in the cloud."
"Perspecsys has developed a way to put ITAR data in the cloud securely through tokenization, which will make life much easier for the defense industry," said Richard A. Clarke, former Senior White House Advisor on Cyber Security. "As someone who, as Assistant Secretary of State, was once responsible for ITAR enforcement, I welcome this creative use of technology to enable compliance."
Perspecsys customers are able to tokenize data in a DDTC-approved fashion via the Perspecsys AppProtex Cloud Control Gateway. The AppProtex Gateway intercepts sensitive data while it is still on-premise and replaces it with a random tokenized value, rendering it meaningless should anyone outside of the company access the data while it is being processed or stored in the cloud. The gateway does this while remaining completely transparent to cloud application users -- they have full use of critical capabilities such as Searching, Sorting and Reporting, even on data that has been strongly tokenized.
Perspecsys Inc. is a leading provider of cloud data control solutions that enable mission critical cloud applications to be adopted throughout the enterprise. Perspecsys gives organizations the ability to understand how employees are using cloud applications and take the necessary steps to protect sensitive information before it leaves the network. By removing the technical, legal and financial risks of placing sensitive data in the cloud, Perspecsys makes the public cloud private. Based in Toronto, Perspecsys Inc. is a privately held company backed by investors, including Intel Capital, Paladin Capital and Ascent Venture Partners. For more information please visit www.Perspecsys.com and follow us on Twitter @Perspecsys.