Welcome!

@CloudExpo Authors: Yeshim Deniz, Liz McMillan, Pat Romanski, Kevin Benedict, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Microsoft Cloud, Cloud Security, @BigDataExpo, SDN Journal

@CloudExpo: Blog Feed Post

Five Cloud Encryption Tips

Encryption is one of the strongest security measures & its price-performance has become very attractive with the advent of cloud

A day doesn’t go by when we don’t hear about sensitive information being exposed or stolen. The culprits could be the government, professional hackers, careless employees with data on mobile devices, or internal employees with unauthorized access to data or unintentional release of data. It seems the wave of data breaches has gained momentum as data has moved from internal servers to the cloud; and access has gone mobile. Though the fact remains that there will be gaps in security, the goal of companies and IT departments should be to make those gaps as small and as difficult to take advantage of as possible.

Encryption has always been viewed as one of the strongest security measures, and its price-performance has become very attractive with the advent of cloud computing. This is because encryption is by far the best way to replace physical walls in the cloud.

Here are our top five cloud encryption tips (and we know a thing or two about encryption) to help protect your data:

1. Consider Encryption at rest, in use and in transit.
Data can be exposed when it is at rest in the cloud, on a virtual disk, in a cloud database, or in object storage. Eavesdropping may occur when data is being transmitted, perhaps from a user’s browser to your servers in the cloud, or between your cloud servers. Really nasty hackers may even try to gain access to your “root account” in a cloud server and look at the memory of your server while the data is being used and computation is going on. You should be aware of all these possibilities and choose solutions that address all of these risks.

2. Review your cloud encryption options and pick the strongest
Implementing encryption properly is tricky, and your best bet is to use a solution from the experts. Take a look at the encryption solutions available for your choice of cloud. Encryption is available for both private and public clouds – check the Amazon Marketplace, the VMware VSX, or whatever is appropriate for the cloud you are using. Whichever path you take, make sure the strongest encryption standards are used and regularly reviewed.

3. Define security responsibility
Many compliance regulations (like PCI and HIPAA) require data encryption at multiple touch points. That means it’s no longer the other guy’s (customer, provider, vendor, or all) problem, but yours. A full 39% of responses from the Ponemon Institute study hoped that if their cloud data was compromised the cloud provider would alert them – but actually it may be their own responsibility. More chillingly – yet realistically:42% said they wouldn’t know if their cloud server was hacked.

Taking responsibility for your data involves many precautions. Encryption in the cloud is one of the most important precautions, especially if you make sure to keep ownership of the encryption keys to yourself. As long as you own your encryption keys, you retain control of your data, even if bad things may happen.

4. Encrypt Encrypt 000000000 45 6E 63 72 79 70 74
Let’s just say that you’ve hardened the server from external hackers and they can’t access your data. That’s great! But, wait, what about internal employees?

What’s that you say? They are all trustworthy? Really? I bet that’s what Snowden’s boss thought too.

Trusting your employees is fine but it is best to be prepared for the worst, just in case. Choose STRONG encryption for your data to protect it from internal and external attacks, breaches, and theft. Only grant access to those who need it. Train them on how to deal with encrypted data, how to access it, where they can access it from, and have them follow the security procedures. Don’t forget to encrypt backups and snapshots. Encryption is especially great for maintaining control of multiple copies and backups – deleting the key for that particular data has the same effect as deleting all the copies, no matter where they have strayed.

5. Protect your keys
To give one key to the security vendor or cloud provider is to provide attackers one target to compromise. Strengthen your key security by using the strongest encryption key technology available, homomorphic key management. The technology provides two keys with an encrypted master given to the application/data owner, which stays encrypted while in-use. Even if the encrypted master is stolen the data still won’t be accessible.

Protecting your and your customer’s data is a part of doing business. Doing it wrong can hurt business and the bottom line. Put real procedures in place to protect the data and in-turn, the business. Preparing for the worst never seems necessary until it is necessary. After all, you don’t want to find out about a data breach to your data on the nightly news. Prepare and protect.

To find out more about cloud encryption tips and a white paper on key management click here.

The post 5 Cloud Encryption Tips appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

@CloudExpo Stories
"DX encompasses the continuing technology revolution, and is addressing society's most important issues throughout the entire $78 trillion 21st-century global economy," said Roger Strukhoff, Conference Chair. "DX World Expo has organized these issues along 10 tracks with more than 150 of the world's top speakers coming to Istanbul to help change the world."
"We focus on SAP workloads because they are among the most powerful but somewhat challenging workloads out there to take into public cloud," explained Swen Conrad, CEO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - we've lost control, we've given up cost to a certain extent, and then security, flexibility," explained Steve Conner, VP of Sales at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We are focused on SAP running in the clouds, to make this super easy because we believe in the tremendous value of those powerful worlds - SAP and the cloud," explained Frank Stienhans, CTO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Peak 10 is a hybrid infrastructure provider across the nation. We are in the thick of things when it comes to hybrid IT," explained , Chief Technology Officer at Peak 10, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I think DevOps is now a rambunctious teenager – it’s starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We are still a relatively small software house and we are focusing on certain industries like FinTech, med tech, energy and utilities. We help our customers with their digital transformation," noted Piotr Stawinski, Founder and CEO of EARP Integration, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We've been engaging with a lot of customers including Panasonic, we've been involved with Cisco and now we're working with the U.S. government - the Department of Homeland Security," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
Any startup has to have a clear go –to-market strategy from the beginning. Similarly, any data science project has to have a go to production strategy from its first days, so it could go beyond proof-of-concept. Machine learning and artificial intelligence in production would result in hundreds of training pipelines and machine learning models that are continuously revised by teams of data scientists and seamlessly connected with web applications for tenants and users.
"We're here to tell the world about our cloud-scale infrastructure that we have at Juniper combined with the world-class security that we put into the cloud," explained Lisa Guess, VP of Systems Engineering at Juniper Networks, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I will be talking about ChatOps and ChatOps as a way to solve some problems in the DevOps space," explained Himanshu Chhetri, CTO of Addteq, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We are an IT services solution provider and we sell software to support those solutions. Our focus and key areas are around security, enterprise monitoring, and continuous delivery optimization," noted John Balsavage, President of A&I Solutions, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
The financial services market is one of the most data-driven industries in the world, yet it’s bogged down by legacy CPU technologies that simply can’t keep up with the task of querying and visualizing billions of records. In his session at 20th Cloud Expo, Karthik Lalithraj, a Principal Solutions Architect at Kinetica, discussed how the advent of advanced in-database analytics on the GPU makes it possible to run sophisticated data science workloads on the same database that is housing the rich...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
"We want to show that our solution is far less expensive with a much better total cost of ownership so we announced several key features. One is called geo-distributed erasure coding, another is support for KVM and we introduced a new capability called Multi-Part," explained Tim Desai, Senior Product Marketing Manager at Hitachi Data Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
SYS-CON Events announced today that SkyScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SkyScale is a world-class provider of cloud-based, ultra-fast multi-GPU hardware platforms for lease to customers desiring the fastest performance available as a service anywhere in the world. SkyScale builds, configures, and manages dedicated systems strategically located in maximum-securit...
DX World EXPO, LLC., a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.