Entrust Strengthens Cloud Security Play with Second Acquisition

Hot on the heels of its nCipher Hardware Security Module (HSM) business purchase from Thales in 2019, Entrust recently announced the completion of another high-profile acquisition with HyTrust, a U.S. outfit specialized in data encryption, key management, and cloud workload security. The firm’s product offerings—KeyControl, DataControl, and CloudControl—will be integrated into Entrust’s Data Protection Solutions segment, delivering an attractive and broad cloud-based service proposition to the enterprise market.

The acquisition of HyTrust provides Entrust with two key advantages. The first is that it significantly expands Entrust’s cloud capabilities that it started building up in the past year. While the firm has a few authentication and credentialing cloud tools, the nCipher business acquisition allowed it to penetrate the cloud security market more dynamically with the offer of HSM-as-a-Service. Entrust strengthened this offering by achieving the Cloud Security Alliance (CSA) STAR Certification for nShield-as-a-Service, servicing both cloud and container-based infrastructures. With HyTrust, it can build on that capability by offering security policy enforcement, as well as encryption and key management for workloads in multi-cloud environments (including VMware, Azure, and AWS, among others).

The second advantage is that HyTrust and nShield already have integration due to a past partnership with Thales, notably through the KeyControl offering. This will make it easier to onboard existing HyTrust customers, simplifying processes for those using nCipher. Further, it provides an experienced-based opportunity to upsell the new HyTrust solutions to existing Entrust customers. With already significant pull in the financial and government markets, Entrust’s expanded cloud security offerings are an opportunity to more specifically target enterprises that are considering cloud-migration and are worried about finding a provider that can offer high assurance and compliance-level security for their key management solutions and for securing their cloud infrastructure.  

Security providers need to be focusing on offering dynamic cloud-based security as enterprises increasingly look towards service-based architectures for their business needs and operations. Whether in the IoT, blockchain, Industry 4.0, or 5G domains, cloud (public and private) is the infrastructure that is being requested to host, run, and manage myriad enterprise and consumer applications.

Security plays a dual role here: the first in ensuring the cloud architecture itself is secure, and the second in that security tools (such as encryption key management) work as well in the cloud as they do on-prem. These concerns for enterprises are not trivial. They need to be sure that a migration will provide the same levels of security as they had previously (and this at a cost-effective price), and further that it doesn’t become overly complex or costly for them to manage, especially since they may lose some visibility into potential threats and vulnerabilities once they move to the cloud. The opportunities for security-as-a-service and managed security services markets are therefore substantial if they can address both concerns.

In order for security providers to realize this opportunity, their strategy needs to not only provide flexible and simple-to-use security offerings to enterprises, but also to the hyperscalers and cloud providers delivering the infrastructure. The latter is as important as the former, not least because these infrastructure providers are the ones driving the cloud-native world. Multi-cloud, API-driven, interoperable security products that can be equally customized or run off-the-shelf will be the true winners.