Welcome!

David Stott

Subscribe to David Stott: eMailAlertsEmail Alerts
Get David Stott via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by David Stott

In a recent blog post, we discussed the emergence of Cloud Protection Gateways as a solution for enterprises looking to protect sensitive cloud data by keeping that data under their complete control. We started looking at the vetting process enterprises undertake when they are selecting a Cloud Protection Gateway Provider. Since it is a decision with implications across the enterprise, we recognize that there are a variety of teams within the organization that should be included in the selection process. We began last time by looking at the information the Security Team needs to make an informed decision about a provider. Other groups to involve include the Governance & Risk team, Information Technology team and End User team. The Governance & Risk Team The Governance & Risk team needs to know that the gateway provider chosen is able to comply with the enterprise's... (more)

Choosing a Cloud Protection Gateway Provider

As the proliferation of the cloud continues, Cloud Protection Gateways are increasingly being discussed as a way to address security issues surrounding cloud adoption. Whatever stage of cloud adoption your organization is in, a thorough vetting of the different gateways available will be important to address key security issues, including data residency concerns, industry compliance and internal security best practices. Key Features of Cloud Protection Gateways Cloud Protection Gateways will be an integral part of your cloud adoption strategy. These gateways are built to intercept... (more)

Impact of the Allegations Surrounding the NSA Spying on Cloud Privacy

The latest headlines in the ongoing surveillance soap opera focus on the revelation that the U.S. has been eavesdropping directly on German Prime Minister Angela Merkel. The reaction in Germany has been strong with many officials publically condemning the surveillance. After the NSA's activity first came to light, many in Europe called for stricter protection of EU data and privacy rights. But now, Merkel is calling for stronger Internet technology in Germany, specifically to address the fact all major data centers are in the U.S. and China. It isn't clear exactly how these late... (more)

Removing Cloud Barriers in Europe

The European Commission acknowledges that Europe must become more ‘cloud active’ to stay competitive in the global economy. And while public cloud adoption in the EU is increasing, it is fragmented in some areas and lags the US by some 3- 5 years. IDC’s recent study “Cloud in Europe: Uptake, Benefits, Barriers, and Market Estimates” assesses the European cloud market, identifies key cloud barriers, and makes straightforward recommendations on how to remove them. IDC surveyed European business users and consumers and discovered that a full 64% of EU businesses currently use the c... (more)

Tokenization & Encryption – Two Data Security Methods for the Cloud

When organizations look to protect sensitive data at rest in the cloud or in transit on the way to it, there are two primary obfuscation strategies most consider - tokenization or encryption. But some enterprises may not know the details of how these methods work or how they differ. The Tokenization Process A newer technology, tokenization is the process of taking a sensitive data field and replacing it with a surrogate value called a token. De-tokenization is the reverse process of replacing a token with its associated clear text value. The Encryption Process Encryption uses a c... (more)