Terry Woloszyn, Founder of PerspecSys Inc., emphasized security and compliance in his general session at the 4th International Cloud Computing Conference & Expo, held at the Santa Clara Convention Center, Nov. 2 - 4.
In his session - "Addressing Data Privacy, Residency, and Security when Adopting Cloud Applications" - he focused on new technologies and techniques that allow sensitive data to appear to be in the cloud, but really remain behind the enterprise firewall. Woloszyn emphasized that "there should be a segregation of the data and the functionality. All the business sensitive date should be behind the firewall."
He then outlined the approaches to addressing Data Privacy, Residency, and Security (PRS) when adopting the cloud. "A PRS solution should ensure the business sensitive data never leaves your database," he noted.
You need to ensure compliance and give control for future use of sensitive information across a plurality of SAAS. "If I can keep the data behind the firewall than I can keep it as secure as I want," Woloszyn continued. Even if cloud solution is somehow released, the hacker only gets replacement documents. "Next time you are looking to adopt Software as a Service, you will have to go through a security audit."
He then continued to review some of the more pressing public cloud adoption challenges that face organizations today regarding security, regulatory and standards compliance. "You have to be more encompassing in your adoption of the enterprise space," he noted.
At the end, Woloszyn noted, "You can have the best of both worlds - leveraging public cloud application functionality, while sensitive data remains at home."
About Cloud News Desk Cloud Computing News Desk brings the latest industry news related to the Cloud paradigm of massively scalable IT resources and capabilities delivered as a service using Internet technologies. For up to date news on the International Cloud Computing Conference & Expo series, the easiest way is to follow it on Twitter.
Reader Feedback: Page 1 of 1
#1
carl fiorina commented on 5 Nov 2009
Great article, very timely for today. You may also want to think about Citadel Remote Backup, which allows you to use various Encryption Standards. Depending on the country you are in and the version some of the standards may not be available.You can learn more at http://www.CitadelBackup.com it's the best, it's HIPAA, Sarbanes Oxley (SOX) and FEMA compliant. You can read a remote backup product review at http://www.BestRemoteBackup.net
DES The old US Federal Standard
TDES A much more secure form of DES
Blowfish Probably the most secure of all. It uses a key length that is variable from four bits to 448 bits.
AES The new US Federal Standard. Remote Backup supports three levels of AES from 128 bits to 256 bits. 256 bit AES is very secure, but it is also slow.It is usually advisable to change your Encryption Key periodically. Your Encryption Key is literally the key to your data. It is used to lock up your data so nobody else can see it, and like a regular key, if you forget it, you may not be able to recover your data. And it's advisable to use a completely random string of characters, symbols and numbers. Not your dog's name.
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
.gif)
