|By Gilad Parann-Nissany||
|July 2, 2012 09:00 AM EDT||
A recent SC magazine cloud data security article provided an interesting glimpse to a soon-to-be-released “2012 Global SMB Security Market Assessment” by Access Markets International Partners (AMI). According to AMI, SMBs are projected to increasingly shift their security dollars toward protecting the cloud. Cloud security currently accounts for nearly 17 percent of total spending, or $3.3 billion, within the worldwide SMB market, however, spending for cloud security is projected to jump to as much as 24 percent, or $7.7 billion.
Recent trends continuously show that cloud computing is gaining more and more traction for its many advantages such as scalability, elasticity and pay as you go economics, but at the same time, cloud data security remains the number one issue. But what does cloud data security actually mean? What should be considered the top cloud data security priorities?
Cloud data encryption is your virtual datacenter walls
Not too long ago, application servers hosted inside the organization’s datacenter were relatively safe and protected within the four walls of the datacenter. Physical access was strictly (yet easily) controlled, and access to the datacenter was in most cases a documented and well monitored procedure. Those days are gone. Access to servers and applications hosted in the cloud (as Infrastructure or Platform as a Service) is done in a browser, so it is more vulnerable to both hackers and insider threats. This is where cloud data encryption kicks in. Implementing encryption for your cloud data will guarantee that your data will remain safe in the rare case of physical disk theft or in the more common scenario where an attacker or malware exploit a vulnerability to access your data. Cloud data encryption literally becomes the virtual walls protecting your data.
But unfortunately – there’s more to it.
Cloud Key Management is not an easy challenge
Using cloud encryption is only one part of the equation. Cloud data encryption requires encryption keys, and managing your encryption keys in the cloud becomes a significant issue, as you eventually need to either trust someone else to manage the encryption keys for you, or deploy a key management server back into your datacenter (when you wanted to migrate out of the datacenter and in to the cloud in the first place). Fortunately, innovative cloud key management approaches do exist. One example is the split-key encryption technology which for the first time allows enterprises storing sensitive or regulated data in the cloud to deploy a cloud based encryption solution, while at the same time, not compromising the confidentiality of the data, and keeping control of the encryption keys. Split-key encryption guarantees neither the cloud provider nor the security vendor will ever have visibility to the most important cloud encryption element – the encryption keys. Download this cloud data encryption whitepaper to learn more about cloud security challenges.
- Database Security in the Cloud
- Disruptive Innovations and the 'Internet of Things' | @ThingsExpo [#IoT]
- Securing Cloud Data from Cybercrime, Intrusion and Surveillance
- Cloud Computing Security Issues and Challenges By @GiladPN | @CloudExpo [#Cloud]
- MySQL in the Cloud
- Cloud Security – Implementing a Secure Cloud Backup Case Study
- Four Great Tips: Cloud Security for Big Data
- Answering Common Cloud Security Questions from CIOs
- Securing Your ‘Data at Rest’ in the Cloud
- Encrypted Cloud Storage – The Missing Piece