We've written before about some of the high-profile data breaches occurring
in recent months - security breaches that cause some to question the safety
of the cloud to store and/or process sensitive data. It seems these stories
are reported with increased regularity (sometimes delayed, as in the case of
AT&T this month). In fact, Fierce CIO recently called the number of breaches
reported this year an "epidemic."
While not all breaches are created equal in their impact, there are sometimes
severe consequences for the business or the end consumer. In response, many
enterprises, industries and nations are instituting stricter regulations,
better security and more severe penalties for infringements - all in hopes of
mitigating the risks of placing data on the cloud.
The Evolving Cloud Security Space
The first change we are seeing in response to the growing number of secu... (more)
The latest headlines in the ongoing surveillance soap opera focus on the
revelation that the U.S. has been eavesdropping directly on German Prime
Minister Angela Merkel. The reaction in Germany has been strong with many
officials publically condemning the surveillance.
After the NSA's activity first came to light, many in Europe called for
stricter protection of EU data and privacy rights. But now, Merkel is calling
for stronger Internet technology in Germany, specifically to address the fact
all major data centers are in the U.S. and China.
It isn't clear exactly how these late... (more)
As the proliferation of the cloud continues, Cloud Protection Gateways are
increasingly being discussed as a way to address security issues surrounding
cloud adoption. Whatever stage of cloud adoption your organization is in, a
thorough vetting of the different gateways available will be important to
address key security issues, including data residency concerns, industry
compliance and internal security best practices.
Key Features of Cloud Protection Gateways
Cloud Protection Gateways will be an integral part of your cloud adoption
strategy. These gateways are built to intercept... (more)
When organizations look to protect sensitive data at rest in the cloud or in
transit on the way to it, there are two primary obfuscation strategies most
consider - tokenization or encryption. But some enterprises may not know the
details of how these methods work or how they differ.
The Tokenization Process
A newer technology, tokenization is the process of taking a sensitive data
field and replacing it with a surrogate value called a token. De-tokenization
is the reverse process of replacing a token with its associated clear text
The Encryption Process
Encryption uses a c... (more)
The European Commission acknowledges that Europe must become more ‘cloud
active’ to stay competitive in the global economy. And while public cloud
adoption in the EU is increasing, it is fragmented in some areas and lags the
US by some 3- 5 years. IDC’s recent study “Cloud in Europe: Uptake,
Benefits, Barriers, and Market Estimates” assesses the European cloud
market, identifies key cloud barriers, and makes straightforward
recommendations on how to remove them.
IDC surveyed European business users and consumers and discovered that a full
64% of EU businesses currently use the c... (more)