Welcome!

@CloudExpo Authors: Elizabeth White, Yeshim Deniz, Liz McMillan, Pat Romanski, Zakia Bouachraoui

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Government Cloud, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Government Agencies Decoding Encryption – How to Keep Cloud Data Private

Enterprises don't need to allow their fears to slow down or stop their cloud adoption

The latest reports surrounding the surveillance programs of the NSA and their International counterparts reveal that these agencies have been able to decode the encryption methods some enterprises and organizations use to keep their online data private.

While these headlines are likely disconcerting for those operating in the U.S. or using software applications from cloud providers, as stated in our recent press release and blog post, enterprises do not need to allow their fears to slow down or stop their cloud adoption.

Methods for Securing Data Online
More attention has been turning to tokenization recently as a strong approach to secure sensitive data. Tokenization, like encryption, encodes or conceals data so it is protected from unauthorized parties. But unlike encryption, in which a mathematical link back to the original data's true form still exists; tokenization is unique in that it completely removes the original data from the systems in which the replacement tokens reside (in this case, the cloud itself). You can find out more information about tokenization on this resource page.

When implemented in its strongest fashion (a randomized token generation approach recommended by the PCI DSS Security Council), tokenization is secure from the brute-force attacks - think super-computers being unleashed to try to descramble the obfuscated values - that the agencies referenced in the articles were reported to be using.

If an organization does decide to use encryption (vs. tokenization), these latest revelations demonstrate why it is critical to use a trusted encryption vendor that has produced/published peer-reviewed security proofs on the modules that are being considered for use. It is also critical to use systems that allow you to maintain complete ownership and control of encryption keys used for transforming encrypted data back to its original value.

Weakened encryption techniques, such as the Operations Preserving Encryption or Function Preserving Encryption that Gartner has written about in some recent reports, are extremely vulnerable to the decoding and brute-force attack techniques used by these government agencies. For more information on encryption, visit this resource page and our page on the importance of using encryption algorithms with existing FIPS 140-2 validation.

PerspecSys' view continues to be that absolute control of sensitive data is key. An enterprise needs to able to keep sensitive data on premise and, before sending any information to the cloud, use tokenization or only the strongest encryption techniques make that data meaningless to anyone who attempts to access it without the corporation's permission. PerspecSys offers enterprises solutions for maintaining just this sort of control while ensuring that the usability and functionality of applications are not adversely impacted while the data is being protected.

Read the original blog entry...


PerspecSys Inc. is a leading provider of cloud protection and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like PerspecSys remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit http://www.perspecsys.com/ or follow on Twitter @perspecsys.

More Stories By Gerry Grealish

Gerry Grealish is Vice President, Marketing & Products, at PerspecSys. He is responsible for defining and executing PerspecSys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, he ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its cloud-based payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are repetitive and dull. Utilizing automation can improve your work life, automating away the drudgery and embracing the passion for technology that got you started in the first place. In this presentation, I'll talk about what automation is, and how to approach implementing it in the context of IT Operations. Ned will discuss keys to success in the long term and include practical real-world examples. Get started on automating your way to a brighter future!
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next-gen applications and how to address the challenges of building applications that harness all data types and sources.
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app security and encryption-related solutions. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University, and is an O'Reilly author.
CloudEXPO New York 2018, colocated with DevOpsSUMMIT and DXWorldEXPO New York 2018 will be held November 12-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI and Machine Learning to one location.
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.