Is data security in cloud computing possible in 2014? Recent reports on NSA spying have eroded trust in US-based cloud providers. This is especially true for non-USA-based customers that use cloud services offered by US companies. They see using an American cloud provider as a risk because they assume their data could be accessed […]
Cloud encryption is recognized as a basic building block of cloud security. Data at rest is no longer between the proverbial "four walls" of the enterprise; the data owner is managing their own data with browsers and cloud APIs, and the concern is a hacker may do the same.
In this collection of articles, we explore topics such as the risk scenarios; cloud encryption for cloud database security, transparent data encryption in the cloud, integrity protection for cloud data security, and S3 encryption for Amazon Simple Storage Service.
Traditional data center security has used physical controls: walls, locks, “air gaps” between the servers that serve different projects, and guards at the gate, along with tools such as Firewalls and antivirus software. Encryption has been less prevalent in traditional data center settings. I recently visited with a large bank and talked with its CISO. […]
In the cloud security world, we started 2014 still reeling from NSA corruption and Target hacks. In January, our cloud security tip was cloud encryption, which we expanded on in February to include encryption key management. In March, we explored cloud security compliance requirements and what we can all learn from them about protecting our […]
Your customers are concerned about the privacy of their data and you need to assure them you are doing everything to protect them. Meanwhile, cloud data requires strong security and regulations like PCI DSS and HIPAA benefit from strong encryption. So, you encrypt. You use strong encryption methods, like AES-256. You can now rest easy […]
Your business’s value add is tied into an application that was custom built for you. It encapsulates many of your values and competitive advantages. Due to its sensitive nature, you have resisted taking it to the cloud. But you also understand the cloud benefits and know that moving your most sensitive value adding applications to […]
from InfoQ.com: With the news stories of possible data breaches at enterprises like Target, and the current trend of companies migrating to cloud environments for the flexibility, scalability, agility, and cost-effectiveness they offer, CIOs have been asking hard questions about cloud security. As CIO, protecting your data (and your users) is one of your key […]