When organizations look to protect sensitive data at rest in the cloud or in
transit on the way to it, there are two primary obfuscation strategies most
consider - tokenization or encryption. But some enterprises may not know the
details of how these methods work or how they differ.
The Tokenization Process
A newer technology, tokenization is the process of taking a sensitive data
field and replacing it with a surrogate value called a token. De-tokenization
is the reverse process of replacing a token with its associated clear text
The Encryption Process
Encryption uses a cipher algorithm to mathematically transform data.
Encrypted values can be transformed back to the original value via the use of
a key. With encryption, a mathematical link back to its true form still
Encryption vs Tokenization - Key Differences
Depending on specific data protection r... (more)
IDC Canada recently published a study highlighting how IT security fears may
be inhibiting Canadian enterprises’ business agility and competitiveness.
IDC and TELUS Enterprise Cloud Study, 2012: Three Misconceptions Curb
Competitiveness sheds light on the concerns of leading Canadian businesses
reluctant to implement nontraditional IT delivery methods, including public
cloud-based SaaS applications, despite evidence these solutions can improve
productivity, efficiency, and adaptability. Based on IDC’s research, more
than 85% of the Canadian enterprises surveyed have significant c... (more)
As the proliferation of the cloud continues, Cloud Protection Gateways are
increasingly being discussed as a way to address security issues surrounding
cloud adoption. Whatever stage of cloud adoption your organization is in, a
thorough vetting of the different gateways available will be important to
address key security issues, including data residency concerns, industry
compliance and internal security best practices.
Key Features of Cloud Protection Gateways
Cloud Protection Gateways will be an integral part of your cloud adoption
strategy. These gateways are built to intercept... (more)
In a recent blog post, we discussed the emergence of Cloud Protection
Gateways as a solution for enterprises looking to protect sensitive cloud
data by keeping that data under their complete control. We started looking at
the vetting process enterprises undertake when they are selecting a Cloud
Protection Gateway Provider.
Since it is a decision with implications across the enterprise, we recognize
that there are a variety of teams within the organization that should be
included in the selection process. We began last time by looking at the
information the Security Team needs to... (more)
The latest headlines in the ongoing surveillance soap opera focus on the
revelation that the U.S. has been eavesdropping directly on German Prime
Minister Angela Merkel. The reaction in Germany has been strong with many
officials publically condemning the surveillance.
After the NSA's activity first came to light, many in Europe called for
stricter protection of EU data and privacy rights. But now, Merkel is calling
for stronger Internet technology in Germany, specifically to address the fact
all major data centers are in the U.S. and China.
It isn't clear exactly how these late... (more)