Click here to close now.

SYS-CON MEDIA Authors: Elizabeth White, Cloud Best Practices Network, Kevin Jackson, Pat Romanski, Peter Silva

Related Topics: Cloud Expo, Java, SOA & WOA, .NET, Virtualization, Security

Cloud Expo: Blog Feed Post

Hybrid Cloud Security Challenges

Transitional cloud security strategies are needed that continue to make use of existing data centers and security strategies

The growing rate of hybrid cloud adoption requires particular models of cloud security. Many enterprises are moving some of their workload to a public cloud environment while retaining other workloads in the private cloud. Transitional cloud security strategies are needed that continue to make use of existing data centers and security strategies. Because each enterprise splits up their data between public and private clouds in a unique way, data security methods must solve multiple challenges:

  • How to secure on-premise data center resources
  • How to secure applications when they migrate to the public cloud
  • How to secure data stored with multiple cloud service providers
  • How to protect virtualized underpinnings of public and private clouds
  • How to secure mobile devices which connect to the cloud infrastructure

The key to addressing these issues is taking a holistic approach to cloud security.

Securing Data in the Cloud with Encryption

Securing Data in the Cloud hybrid clouds Cloud Security  securing data in cloud hybrid Hybrid Cloud Security ChallengesThe issue of data ownership becomes even more important in hybrid cloud scenarios because they involve data in multiple locations. There is only one best practice for securing data in the cloud with systems that involve multiple private and public locations: encrypt the data in a way that allows all systems to continue working transparently and to maintain ownership of the data through ownership of the encryption keys.

A technological breakthrough in this area is split key encryption, which elegantly settles the issue of ownership of encryption keys. This method encrypts each “resource” (a disk, a database row, a file, etc) with a combination of two keys, one of which, a master key, is owned only by the enterprise. With this method, only the owner of the data ultimately controls the encryption keys.  Maintaining control of the encryption keys eliminates the possibility that someone else has control (i.e., cloud providers’ employees), so the issue of ownership is settled in an elegant way.

Split key encryption can be further enhanced through homomorphic key management, which keeps encryption keys encrypted at all times – even when they are in use. This way, the data can be used without the master key ever being exposed. If a hacker steals a master key in its encrypted form, it cannot be used by the hacker.

Another great benefit of securing data in the cloud with split key cloud encryption and homomorphic key management is that in the unlikely event that a security breach does occur, these measures allow enterprises to claim “Safe Harbor.” Having taken these precautions and achieving Safe Harbor means that they are relieved from many of the reporting requirements and the regulatory fines usually associated with a breach, since they can show that the data is encrypted and the encryption keys are safe.

In hybrid cloud scenarios, the combination of these methodologies allows you to protect your data across multiple cloud locations and achieve “Safe Harbor,” thus also protecting yourself.

Click here to learn more about Porticor’s solutions for hybrid cloud security.

The post Hybrid Cloud Security Challenges appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

Latest Stories
SYS-CON Events announced today that CodeFutures, a leading supplier of database performance tools, has been named a “Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. CodeFutures is an independent software vendor focused on providing tools that deliver database performance tools that increase productivity during database development and increase database performance and scalability during production.
The IoT market is projected to be $1.9 trillion tidal wave that’s bigger than the combined market for smartphones, tablets and PCs. While IoT is widely discussed, what not being talked about are the monetization opportunities that are created from ubiquitous connectivity and the ensuing avalanche of data. While we cannot foresee every service that the IoT will enable, we should future-proof operations by preparing to monetize them with extremely agile systems.
There’s Big Data, then there’s really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. Learn about IoT, Big Data and deployments processing massive data volumes from wearables, utilities and ot...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
The explosion of connected devices / sensors is creating an ever-expanding set of new and valuable data. In parallel the emerging capability of Big Data technologies to store, access, analyze, and react to this data is producing changes in business models under the umbrella of the Internet of Things (IoT). In particular within the Insurance industry, IoT appears positioned to enable deep changes by altering relationships between insurers, distributors, and the insured. In his session at @Things...
SYS-CON Events announced today that Intelligent Systems Services will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Established in 1994, Intelligent Systems Services Inc. is located near Washington, DC, with representatives and partners nationwide. ISS’s well-established track record is based on the continuous pursuit of excellence in designing, implementing and supporting nationwide clients’ mission-cri...
PubNub on Monday has announced that it is partnering with IBM to bring its sophisticated real-time data streaming and messaging capabilities to Bluemix, IBM’s cloud development platform. “Today’s app and connected devices require an always-on connection, but building a secure, scalable solution from the ground up is time consuming, resource intensive, and error-prone,” said Todd Greene, CEO of PubNub. “PubNub enables web, mobile and IoT developers building apps on IBM Bluemix to quickly add sc...
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
There has been a lot of discussion recently in the DevOps space over whether there is a unique form of DevOps for large enterprises or is it just vendors looking to sell services and tools. In his session at DevOps Summit, Chris Riley, a technologist, discussed whether Enterprise DevOps is a unique species or not. What makes DevOps adoption in the enterprise unique or what doesn’t? Unique or not, what does this mean for adopting DevOps in enterprise size organizations? He also explored differe...
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Sensor-enabled things are becoming more commonplace, precursors to a larger and more complex framework that most consider the ultimate promise of the IoT: things connecting, interacting, sharing, storing, and over time perhaps learning and predicting based on habits, behaviors, location, preferences, purchases and more. In his session at @ThingsExpo, Tom Wesselman, Director of Communications Ecosystem Architecture at Plantronics, will examine the still nascent IoT as it is coalescing, includin...
The cloud has transformed how we think about software quality. Instead of preventing failures, we must focus on automatic recovery from failure. In other words, resilience trumps traditional quality measures. Continuous delivery models further squeeze traditional notions of quality. Remember the venerable project management Iron Triangle? Among time, scope, and cost, you can only fix two or quality will suffer. Only in today's DevOps world, continuous testing, integration, and deployment upend...
Data-intensive companies that strive to gain insights from data using Big Data analytics tools can gain tremendous competitive advantage by deploying data-centric storage. Organizations generate large volumes of data, the vast majority of which is unstructured. As the volume and velocity of this unstructured data increases, the costs, risks and usability challenges associated with managing the unstructured data (regardless of file type, size or device) increases simultaneously, including end-to-...
The excitement around the possibilities enabled by Big Data is being tempered by the daunting task of feeding the analytics engines with high quality data on a continuous basis. As the once distinct fields of data integration and data management increasingly converge, cloud-based data solutions providers have emerged that can buffer your organization from the complexities of this continuous data cleansing and management so that you’re free to focus on the end goal: actionable insight.