Cloud Encryption

Cloud encryption is recognized as a basic building block of cloud security. Data at rest is no longer between the proverbial "four walls" of the enterprise; the data owner is managing their own data with browsers and cloud APIs, and the concern is a hacker may do the same.

In this collection of articles, we explore topics such as the risk scenarios; cloud encryption for cloud database security, transparent data encryption in the cloud, integrity protection for cloud data security, and S3 encryption for Amazon Simple Storage Service.

Does Data Need to Go Overseas?

Encryption in the Cloud - data overseas

  Is data security in cloud computing possible in 2014? Recent reports on NSA spying have eroded trust in US-based cloud providers.  This is especially true for non-USA-based customers that use cloud services offered by US companies.  They see using an American cloud provider as a risk because they assume their data could be accessed […]

Data Security in the Cloud: Beyond Traditional Data Center Controls

Data Security in the Cloud

Traditional data center security has used physical controls: walls, locks, “air gaps” between the servers that serve different projects, and guards at the gate, along with tools such as Firewalls and antivirus software. Encryption has been less prevalent in traditional data center settings. I recently visited with a large bank and talked with its CISO. […]

Encryption Key Rotation: April’s Cloud Security Tip of the Month

Encryption Key Rotation

In the cloud security world, we started 2014 still reeling from NSA corruption and Target hacks.  In January, our cloud security tip was cloud encryption, which we expanded on in February to include encryption key management. In March, we explored cloud security compliance requirements and what we can all learn from them about protecting our […]

When Cloud Data Encryption is Not Enough

cloud data encryption

Your customers are concerned about the privacy of their data and you need to assure them you are doing everything to protect them. Meanwhile, cloud data requires strong security and regulations like PCI DSS and HIPAA benefit from strong encryption. So, you encrypt.  You use strong encryption methods, like AES-256.  You can now rest easy […]

Cloud Computing Security Needs: 7 Steps to Migrate to the Cloud

Cloud Computing Security

In 2008, the size of the cloud computing industry was $46 Billion. That is more than the GDP of Costa Rica! Think it’s a lot? Ready to jump on the cloud security bandwagon? That was 2008! In 2014, the size of the cloud computing industry has more than tripled to $150 Billion – almost the […]

WIRED: Cloud Security for Mission-Critical Workloads

Cloud Security on Wired Insights

Your business’s value add is tied into an application that was custom built for you. It encapsulates many of your values and competitive advantages. Due to its sensitive nature, you have resisted taking it to the cloud. But you also understand the cloud benefits and know that moving your most sensitive value adding applications to […]

Answering Common Cloud Security Questions from CIOs

Cloud Security on InfoQ

from With the news stories of possible data breaches at enterprises like Target, and the current trend of companies migrating to cloud environments for the flexibility, scalability, agility, and cost-effectiveness they offer, CIOs have been asking hard questions about cloud security. As CIO, protecting your data (and your users) is one of your key […]