May 16, 2017 09:30 ET

Bracket Computing Introduces Built-In Provability of Compliance for the Cloud

With its Workload Isolation technology, the Bracket Computing Cell limits audit scope and eliminates the need to manually maintain and prove compliance

MOUNTAIN VIEW, CA--(Marketwired - May 16, 2017) - Bracket Computing, the pioneer of Full Workload Isolation for the Enterprise Cloud, today announced that the provability of PCI and HIPAA compliance is now available for organizations running regulated data in the hybrid cloud. Bracket's Workload Isolation solution, called the Computing Cell, is the first technology to build in provability of compliance by limiting audit scope, protecting regulated data, and ensuring consistent security controls across hybrid cloud environments. The Bracket Computing Cell also performs continual compliance monitoring as a standard operation of its virtual infrastructure so that provability of compliance is a steady state. This innovation marks a significant opportunity for all organizations that capture sensitive personal credit card or healthcare data to take advantage of the scale and performance of the hybrid cloud.

Compliance in on-premise environments is a known entity, and does not present a problem for the modern organization. But enterprises are increasingly looking to leverage the flexibility and nearly infinite capacity of the hybrid cloud, and compliance in that environment presents nearly insurmountable challenges. In fact, the same things that make the hybrid cloud so attractive also make it difficult to manage: its scale, the lack of a consistent infrastructure, and the difficulty of implementing consistent controls across a heterogeneous environment. Even if policies could be consistently enforced, it's impossible to get visibility across such a diverse infrastructure.

The Bracket Computing Cell solves the problem of compliance in the cloud not only by building the technical safeguards to protect regulated data -- using encryption, key management, policy enforcement, and micro-segmentation -- but also by tying policies to workloads rather than any underlying infrastructure. This allows the Computing Cell to enforce a single, complete set of security policies and audit controls by extending micro-segmentation across a workload's network, storage, and computing resources -- whether those assets reside on VMs on premise, on public cloud infrastructures like Amazon Web Services, Microsoft Azure, Google Cloud Platform, or on some mixture of them all. This consistent set of controls also performs continual monitoring, automatically. This capability means that evidence of provability of compliance is not a separate operation that needs to be completed in advance of an audit, but rather is a steady state of the Computing Cell's operation, and as such, is constantly available for audit.

"We're very excited to offer this capability to enterprises in the healthcare, payment processing, and financial arenas," said Jason Lango, Bracket's Chief Technology Officer. "The modern enterprise is moving to the cloud. By building in compliance and its provability as a function of our technology, we're removing a major hurdle for enterprise cloud and hybrid cloud adoption."

At the heart of the Computing Cell is the Metavisor™, an advanced virtualization technology that sits between the cloud provider's hypervisor and the guest operating system and allows protection services to be inserted and audited transparently with no impact to developers or data center operations teams. Controls enforced via the Metavisor cannot be turned off without IT involvement -- essentially creating an audit floor for regulatory policies.

Bracket's technology is also the first that prevents the unintended growth of compliance zones, a major cause of audit failure. Enterprises try to limit audit scope by controlling and limiting the environment that handles CHD (cardholder data), but it's virtually impossible to control the spread of that data as it's replicated, backed up, or simply accessed from servers outside the compliance zone.

By comparison, Bracket's Workload Isolation architecture cryptographically isolates personal data both at rest and in motion on the network at each individual VM -- and provides proof of it. This limits audit scope and gives compliance teams the assurance they need that the resources that have access to that data are secure, because the keys for decryption are never released to instances outside the scope. And since changes in IAM (identity and access management) or administrative privileges can never bypass Bracket's enforcement of these controls, auditors get the strongest possible guarantee of compliance.

