|By David Stott||
|July 4, 2014 03:00 PM EDT||
We've written before about some of the high-profile data breaches occurring in recent months - security breaches that cause some to question the safety of the cloud to store and/or process sensitive data. It seems these stories are reported with increased regularity (sometimes delayed, as in the case of AT&T this month). In fact, Fierce CIO recently called the number of breaches reported this year an "epidemic."
While not all breaches are created equal in their impact, there are sometimes severe consequences for the business or the end consumer. In response, many enterprises, industries and nations are instituting stricter regulations, better security and more severe penalties for infringements - all in hopes of mitigating the risks of placing data on the cloud.
The Evolving Cloud Security Space
The first change we are seeing in response to the growing number of security breaches is that some countries, like Australia, have passed stricter legislations on data residency and sovereignty, resulting in a booming localized cloud data storage market. Similarly, Microsoft recently opened new international data centers, including another in Brazil, where laws require cloud data to be kept within the country. While keeping data resident in the country of origin may satisfy local laws/regulations, as we saw in the recent Microsoft ruling, that data is not necessarily safe from U.S. surveillance - and the threat from hackers still remains
The second major shift we see is that enterprises are adopting additional technologies to protect their data, including cloud security software. The overall cloud security market is expected to grow to almost $9 billion by 2019. I am willing to bet a good portion of that spending will be on cloud security software, not least of all because of the improved control and protection these types of solutions allow enterprises to have over their data.
Cloud Data Protection Gateways are one type of cloud security software that I believe will lead the cloud security market in the coming years. This solution, when implemented using best-in-class encryption or tokenization strategies, can fulfill the security needs of enterprises operating in highly regulated industries and/or geographical areas. Cloud data protection gateways allow enterprises to secure sensitive data fields via tokenization or encryption (FIPS 140-2) techniques. With tokenization the data stays on-premise; with encryption the keys stay local. And end user functionality like searching and sorting on protected data in the cloud is not impacted.
For more information on Perspecsys' solution, visit our informational page or download this report from Coalfire, an independent auditor that conducted a thorough evaluation of our solution. See our latest infographic on how to respond to a cloud security breach, should one occur.