Welcome!

Ruby-On-Rails Authors: Liz McMillan, Pat Romanski, Elizabeth White, Hovhannes Avoyan, Yeshim Deniz

Related Topics: @CloudExpo, Release Management , Ruby-On-Rails, Apache, Cloud Security

@CloudExpo: Blog Post

Cloud Computing Security Issues and Challenges By @GiladPN | @CloudExpo [#Cloud]

Digital data theft is more prevalent than physical theft

The US Federal Communications Commission has recently reported that "theft of digital information has become the most commonly reported fraud, surpassing physical theft." Businesses can do a lot to protect themselves. The FCC issued a Tip Sheet for small businesses to promote employee security training, firewalls, securing of WiFis, and more. But for business operating in (or migrating to) cloud environments; data security, cloud computing security issues, and challenges take on  new meanings and require new strategies.

Security in the Cloud: Unique Challenges
In the cloud, data security poses new risks and challenges. We are no longer concerned just with burglars breaking into our offices to steal computers, but rather with the data belonging to complete systems deployed to the cloud.

Security in the cloud cloud security issues Cloud Security Cloud Encryption cloud computing security issues and challenges  cloud computing security issues and challenges Cloud Computing Security Issues and Challenges:  Digital data theft is more prevalent than physical theft

When using public cloud infrastructure like that of AWS, VMware, Microsoft Azure, or HP Helion, we also have little fear of "bad guys" breaking into their datacenters. These large providers take access controls and infrastructure security very seriously.

Instead, security in the cloud becomes not about protecting our hardware, but rather protecting the sensitive information regardless of its physical location. For this, burglar alarms are irrelevant and firewalls are only one part of the approach for security in the cloud.

A way to visualize the unique challenges of data security in the cloud is that where before we had brick walls and steel locks to keep us safe; we now must construct mathematical walls as barriers to our data.

An important aspect in cloud security is cloud encryption. By properly encrypting the data we store in the cloud, we ensure that even if our security perimeter is breached, our data is rendered unreadable, unusable, and unsellable.

But, as it turns out, cloud encryption in and of itself is also not enough. Companies have encrypted well, using best-in-class algorithms to protect their business data, and still been compromised. The important piece is the encryption key. When businesses store the key to decrypt their data in the cloud, alongside the encrypted data itself, they make it easy for a hacker to use the same access point used to get the data to then get the key to decrypt it. In other examples, companies have entrusted their encryption keys to their cloud provider: the cloud provider essentially owns the sensitive data in this situation. The best practice must be different.

Security in the Cloud: Unique Solutions
The cloud has posed interesting obstacles to data security. And, as it turns out, the cloud has also brought forth even more interesting solutions.

In our new software-defined existence, the solution to cloud challenges resides in software built for the cloud.

For example, a pair of new technologies known as split key encryption and homomorphic key management have reinvented the way cloud encryption keys are handled; thus solving the issue of cloud key management.

By splitting encryption keys into two (or more) parts, this software-defined approach mimics the successful security of Swiss banks, where the account owner holds one key, the banker holds one key, and both keys are required to access the contents. Split key encryption is the first of two important cloud advancements toward total security in the cloud.

The next advancement is homomorphic key management, which is also a software-defined, cloud approach. With it, the encryption keys themselves are encrypted. This way, even while the key is being used in the cloud, it is never in unencrypted form, never to be seen "bare" by hackers, and renders the data it protects totally inaccessible to anyone but the data owner.

Security in the Cloud to Protect Privacy and Achieve Compliance
It is not just businesses themselves that have been concerned with data security in the cloud. Regulatory bodies in many industries view cloud security has a major concern and have amended their regulations to match. The approaches of split key encryption and homomorphic key management help businesses protect the privacy of their customers while also enable them to achieve compliance with HIPAA, PCI, and other regulations.

The post Cloud Computing Security Issues and Challenges: Digital data theft is more prevalent than physical theft appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

IoT & Smart Cities Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
DSR is a supplier of project management, consultancy services and IT solutions that increase effectiveness of a company's operations in the production sector. The company combines in-depth knowledge of international companies with expert knowledge utilising IT tools that support manufacturing and distribution processes. DSR ensures optimization and integration of internal processes which is necessary for companies to grow rapidly. The rapid growth is possible thanks, to specialized services an...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...