Share this content on Facebook!
25 Oct 2013

The State of Cloud Encryption: From Fiction to Actionable Reality

2. Review your cloud encryption options and pick the strongest Implementing encryption properly is tricky, and your best bet is to use a solution from the experts. Take a look at the encryption solutions available for your choice of cloud. Encryption is available for both private and public clouds check the Amazon Marketplace, the VMware VSX, or whatever is appropriate for the cloud you are using. Whichever path you take, make sure the strongest encryption standards are used and regularly reviewed. 3.

Here's a chart with estimations of how long it would take to break encryption methods. The oft-repeated concern about adopting cloud services is the security and privacy of the data that you trust to cloud providers. Along with this are the questions that must be answered related to compliance and jurisdiction. This infographic about encryption keys and their relative strength is provided by CipherCloud , a company that has set its sights on meeting these challenges by providing the security controls that will make the cloud a more viable option. CipherCloud offers encryption and tokenization technology that integrates specifically with various cloud platforms such as Gmail, Office 365, Salesforce, and others.

Infographic: Encryption crackability

Encryption Crackability.jpg ] This approach to encryption serves as a stable foundation for locking down information in the cloud and delivers these five enterprise-grade benefits: * Operations-preserving encryption. Until recently, encrypting cloud information "broke" the functions in applications like Salesforce, Google Gmail or Microsoft Office 365. Users could no longer search or sort any encrypted fields, significantly hampering the use of encryption with cloud applications. However, a cryptographic technology breakthrough called operations-preserving encryption solves this problem. This approach enables the encryption of sensitive fields like Social Security or credit card numbers, while still letting users see, search, sort and report on the encrypted information. [also see: " How joining Google Gmail with encryption system helps high-tech firm meet government security rules "] * Near-zero latency. While operations-preserving encryption makes encrypting information in the cloud possible, speed of performance is essential for user productivity. It is essential that an encryption gateway operates with near-zero latency, which is typically not noticeable by end users. * Content- and context-sensitive encryption. Another recent breakthrough is that of dynamic, content- and context-aware encryption.

CipherCloud Brings Encryption To Any SaaS Or Cloud Applications

Example Use Cases Common use cases for CipherCloud Connect AnyApp include: SaaS Call Center Application: An insurance provider is expanding its customer service organization and moving to a new SaaS-based application. Information stored in the cloud includes sensitive data such as social security numbers, state and federally regulated health information, and payments data that must be secured under the PCI DSS (Payment Card Industry Data Security Standard). To prevent data breaches and comply with HIPAA (Health Insurance Portability and Accountability Act), HITECH (Health Information Technology for Economic and Clinical Health), and PCI DSS, the insurance company uses Connect AnyApp to encrypt data. The insurer can use the SaaS application immediately without any changes from the cloud service provider. IaaS Electronic Healthcare Record (EHR) System: A national healthcare provider is deploying an EHR application in a public IaaS cloud to cost effectively manage the massive amounts of data generated each day. However, like most cloud providers, the firms IaaS provider does not sign a HIPAA-required Business Associate Agreement (BAA). Instead the healthcare provider used Connect AnyApp to encrypt data before its sent to the cloud. Policies set included encryption for PDF and TIFF documents in addition to structure data fields. Encryption is recognized by the Health and Human Services Administration (HHS) as an approved mechanism to control access and ensure compliance. Migrating Homegrown Applications to IaaS: A global media and broadcasting company is looking to eliminating the costs for hosting homegrown web applications running on a mix of Windows Server and Linux webservers connected to an Oracle database.


There isn't any comment in this page yet!

Do you want to be the first commenter?

New Comment

Full Name:
E-Mail Address:
Your website (if exists):
Your Comment:
Security code: