SYS-CON MEDIA Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, William Schmarzo, Dana Gardner

Related Topics: @CloudExpo, Microservices Expo, Agile Computing, Cloud Security, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Business Implications for Cloud Information Protection

Three specific benefits to implementing a cloud computing security system

For some organizations, cloud computing can be a hard sell, even before you come to the question of how to handle cloud-computing security. Public cloud, private cloud, hybrid cloud, encryption, tokenization, data residency, privacy regulations - all are factors involved and the perceived effort can sometimes seem to overshadow the benefits. But just as cloud computing comes with a slew of demonstrated business benefits, so does effective cloud computing security. Included below are three specific benefits to implementing a cloud computing security system.

1. Regulatory compliance prevents costly fines.
One of the most common reasons enterprises have for investing in cloud computing security is, of course, regulatory compliance. Heavily regulated industries like finance and health care - industries that handle the most sensitive personal information - must remain in compliance with relevant regional, national, and international laws, as well as with industry-specific standards. Failure to do so can come with a high price. In fact, banks that fail to comply with the PCI DSS requirements, for example, may face fines of anywhere from $5,000 to $100,000 per month, costs that tend to get passed downstream, resulting in higher costs for all, according to the PCI Compliance Guide's FAQ.

As companies begin to see cost efficiency returns from their cloud investment, they are also finding the need to deploy a robust security system to protect customer data while complying with privacy regulations to mitigate against costly fines and reputational damage.

2. Cloud computing security preserves consumer confidence.
Data that is improperly protected with non-encryption or with poor encrypted data welcomes intruders, hackers and bots to compromise that data causing a data breach that results in irreparable harm to a business's reputation. In most regions, laws mandate that the businesses that lost the data disclose the breach to the public. Between February 2005 to December 2006, for example, "100 million personal records were reportedly lost or exposed," according to the IT Law Wiki.

And cyber crime is on the rise. Ponemon Institute recently reported that organizations suffered an average of nine cyber attacks in 2013 and that 50 percent of survey respondents indicated that these breaches successfully stole sensitive information. With the bulk of the holiday shopping season remaining, this is the most profitable time of the year for retailers, banks and card processors. But since cyber criminals follow the money trail, now is also the time for businesses to shore up their data protection measures through encryption and other recommended security practices from PCI and the 40-some breach notification mandates in the US.

3. Secure cloud computing improves reliability and flexibility and lowers costs (lower TCO).
Today, regulative noncompliance and data breaches pose significant dangers to businesses. Some say it's better to avoid the cloud, however, if a business decides to do so, they lose the opportunities for far greater reliability and flexibility in the business's computing infrastructure. As Abby Shagin wrote in the SAP blog, cloud computing liberates employees from dependence on in-house infrastructure, "creating a more flexible and mobile work lifestyle"; the cloud also allows for far more agility in implementing change.

Shagin points out that the economies of scale in the cloud allow for greater reliability, since "the vendor is more able to give 24/7 technical support and highly trained experienced staff to support the infrastructure at its best condition." Additionally, cloud computing can reduce business costs by shifting the burden of IT staffing away from your enterprise and onto the cloud provider, as TechRadar's Kate O'Flaherty observes.

Cloud computing is essential in creating an ecosystem that scales and adapts in the data-centric environment that drives business. In this data influx, cloud, and more important, security, ensures success and safety for customers, employees and the entire business today.

More Stories By Paige Leidig

Paige Leidig is SVP at CipherCloud. He has 20 years of experience in technology, marketing, and selling enterprise application solutions and managing trusted customer relationships. As SVP of Marketing, he is responsible for all aspects of marketing at CipherCloud. Paige was previously in the Office of the CEO at SAP, where he was responsible for leading and coordinating SAP’s acquisition and integration activities on a global basis. He has managed a number of marketing initiatives at SAP, including responsibility for all go-to-market activities for SAP’s Cloud applications portfolio. Preceding his SAP career, Paige held senior management positions with Ariba, Elance, and E*Trade.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Latest Stories
Hackers took three days to identify and exploit a known vulnerability in Equifax’s web applications. I will share new data that reveals why three days (at most) is the new normal for DevSecOps teams to move new business /security requirements from design into production. This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 4th annual State of the Software Supply Chain Report -- a blend of public and proprietary data with expert researc...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the most comprehensive program and with 222 rockstar speakers throughout our industry presenting 22 Keynotes and General Sessions, 250 Breakout Sessions along 10 Tracks, as well as our signature Power Panels. Our Expo Floor will bring together the leading global 200 companies throughout the world of Cloud Computing, DevOps, IoT, Smart Cities, FinTech, Digital Transformation, and all they entail.
Eric Taylor, a former hacker, reveals what he's learned about cybersecurity. Taylor's life as a hacker began when he was just 12 years old and playing video games at home. Russian hackers are notorious for their hacking skills, but one American says he hacked a Russian cyber gang at just 15 years old. The government eventually caught up with Taylor and he pleaded guilty to posting the personal information on the internet, among other charges. Eric Taylor, who went by the nickname Cosmo...
ClaySys Technologies is one of the leading application platform products in the ‘No-code' or ‘Metadata Driven' software business application development space. The company was founded to create a modern technology platform that addressed the core pain points related to the traditional software application development architecture. The founding team of ClaySys Technologies come from a legacy of creating and developing line of business software applications for large enterprise clients around the ...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
Most modern computer languages embed a lot of metadata in their application. We show how this goldmine of data from a runtime environment like production or staging can be used to increase profits. Adi conceptualized the Crosscode platform after spending over 25 years working for large enterprise companies like HP, Cisco, IBM, UHG and personally experiencing the challenges that prevent companies from quickly making changes to their technology, due to the complexity of their enterprise. An accomp...
The benefits of automated cloud deployments for speed, reliability and security are undeniable. The cornerstone of this approach, immutable deployment, promotes the idea of continuously rolling safe, stable images instead of trying to keep up with managing a fixed pool of virtual or physical machines. In this talk, we'll explore the immutable infrastructure pattern and how to use continuous deployment and continuous integration (CI/CD) process to build and manage server images for any platfo...
DevOpsSUMMIT at CloudEXPO, to be held June 25-26, 2019 at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
Automation is turning manual or repetitive IT tasks into a thing of the past-including in the datacenter. Nutanix not only provides a world-class user interface, but also a comprehensive set of APIs to allow the automation of provisioning, data collection, and other tasks. In this session, you'll explore Nutanix APIs-from provisioning to other Day 0, Day 1 operations. Come learn about how you can easily leverage Nutanix APIs for orchestration and automation of infrastructure, VMs, networking, an...
Sanjeev Sharma Joins November 11-13, 2018 @DevOpsSummit at @CloudEXPO New York Faculty. Sanjeev Sharma is an internationally known DevOps and Cloud Transformation thought leader, technology executive, and author. Sanjeev's industry experience includes tenures as CTO, Technical Sales leader, and Cloud Architect leader. As an IBM Distinguished Engineer, Sanjeev is recognized at the highest levels of IBM's core of technical leaders.
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
It cannot be overseen or regulated by any one administrator, like a government or bank. Currently, there is no government regulation on them which also means there is no government safeguards over them. Although many are looking at Bitcoin to put money into, it would be wise to proceed with caution. Regular central banks are watching it and deciding whether or not to make them illegal (Criminalize them) and therefore make them worthless and eliminate them as competition. ICOs (Initial Coin Offer...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
The dream is universal: heuristic driven, global business operations without interruption so that nobody has to wake up at 4am to solve a problem. Building upon Nutanix Acropolis software defined storage, virtualization, and networking platform, Mark will demonstrate business lifecycle automation with freedom of choice and consumption models. Hybrid cloud applications and operations are controllable by the Nutanix Prism control plane with Calm automation, which can weave together the following: ...