“Most SaaS providers don’t provide multi-tenant data protection and choose to rely on data at rest encryption for all of their customers’ data,” Ho explained. “They have avoided this highly effective security control because of the overhead of implementing the code changes to encrypt data for each of their customers separately and the complexity of managing keys for each customer. Despite their names, AWS and other CSPs only provide key storage and leave the management and lifecycle of the encryption keys to the application.”

Baffle essentially offers a drop-in solution for multi-tenant encryption for SaaS providers that handles customer data in databases, and now, S3, without any code changes to their applications, Ho added. The new offering, Baffle claims, will reduce the cost of implementing and managing multi-tenant security, decrease data security risks, and increase SaaS providers’ customization and scaling abilities.