Computing has evolved rapidly over the past years, from an on-premise model with one physical server per application, to virtualization, and most recently to cloud computing (as software, platform, or infrastructure as a service). Cloud computing brings many advantages such as elasticity, flexibility, and pay-per-use, but when looking at cloud computing security, the picture is much more complex.
As businesses seriously consider migrating to the cloud, one of the most significant concerns is cloud computing security. Data at rest – information stored on a disk or other media – is traditionally considered secure when it is located within the four walls of a company’s data center. But once it is moved to the cloud, an inherently public space, it becomes vulnerable to a number of possible threats:
- Stolen administrator credentials: If log-in credentials for the cloud user interface are lost or stolen, anybody can access all virtual servers that are part of the account and, for example, create a snapshot of the stored data.
- Hackers: Can exploit virtual-machine vulnerabilities and cloud application vulnerabilities to break into co-hosted virtual machines.
- Cloud employees: A corrupt employee of a cloud provider could access or copy data.
- Competitors: Can obtain a court order to access data and the cloud provider will have to hand it over.
- Governments: Recent legislation gives government agencies the ability to access data from cloud providers without the consent of the owner.
Cloud Computing Security to the Rescue
Keeping data private and secure has always been a business imperative. Today, with enterprises migrating to the cloud, the cloud computing security challenge is even greater. For many companies and organizations, it has also become a compliance requirement. Standards including HIPAA, Sarbanes-Oxley, PCI DSS and the Gramm-Leach-Bliley Act all require that organizations protect their data at rest and provide defenses against threats.
Cloud providers offering Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) to customers are not responsible for protecting customer applications and data (in fact, a typical agreement between you and your cloud provider will usually state that “…you acknowledge that you bear sole responsibility for adequate security…”). Their cloud security responsibility extends to the network and the infrastructure alone. So businesses hosting their applications in the cloud share responsibility for ensuring the security of their data.
The industry consensus is that encryption is an imperative first step in achieving cloud computing security. An effective solution needs to meet four critical needs: high security, convenient management, robust performance and regulatory compliance.
Porticor’s Virtual Private Data system combines state-of-the-art encryption with patented key management to protect critical data in public, private and hybrid cloud environments. Within minutes, customers can encrypt their entire data layer with the proven AES 256-bit encryption algorithm. Porticor’s patented Virtual Key Management service solves the biggest challenge for data encryption in the cloud – storing the keys. With breakthrough homomorphic split-key encryption technology, Porticor Virtual Private Data is the only system available that offers the convenience of cloud-based key management without sacrificing trust.
