|By Gilad Parann-Nissany||
|December 22, 2014 06:00 PM EST||
Executive Viewpoint 2015 Prediction: Porticor – 2015 will be the Year of ‘Encrypt Everything’
Several current trends in cloud computing leading into 2015 actually exhibit a tension between themselves. One trend, a well-known fact that will continue in the New Year to a greater extent, is that enterprises are rapidly moving to the cloud because of its operational efficiencies. This now includes enterprise projects that have sensitive data. Unlike the early days of “The Cloud,” enterprises are now stepping up with some of their crown jewels. Industries that will accelerate adoption in the New Year are Healthcare, Insurance, Utilities, Finance, and to some extent Banking.
A seemingly opposing trend taking shape as we move into 2015 is the increased worry around security scandals, which is a global phenomenon. The seemingly endless series of headlines – the Snowden scandal, the Target breach, the JP Morgan scare – has made cyber-crime a staple of the mainstream newspapers. This has bred a growing awareness that regulatory compliance is necessary, but it is not sufficient to just “check the box” on compliance. As we head into 2015 more will realize that security solutions for virtualized and cloud environments must address both compliance and enhanced data security requirements.
These trends actually oppose each other, unless a way is found where cloud security can be accepted as more secure than traditional data center security. Our prediction is that 2015 will be the year of “encrypt everything.” As enterprises move their workloads to the cloud, encryption technologies will become a must have solution for all data at rest and in transit to keep data safer than we saw in 2014.
The old arguments against encryption used to be about performance and the operational cost. System administrators wanted to see the data they were managing, especially if something went wrong. These concerns are increasingly becoming solved. Cutting-edge encryption solutions work with little performance penalty, and management systems have become automated so that management can be easy even without seeing the actual data. In fact, forbidding admins from seeing sensitive data is becoming the norm for security and compliance as we enter 2015.
The multiple threats encountered, the major scandals, and the lessons learned are creating a new “best practice” for data security. Security officers must assume that attackers will breach their defenses, and the traditional focus on perimeter defense is being replaced by a new theory. Security experts must disrupt the attacker in the process of attack, not just at the point of entry. The old firewall approach is being augmented with an emphasis on discovering the attacker while the attack is going on, protecting the data even after the enemy is inside the “secure perimeter,” and making the data unusable and unreadable for the attacker.
Hence the growing emphasis on encryption, especially for cloud environments which – by definition – do not have physical safeguards.
As the technology provides solutions to the old concerns, and as the cloud breakthrough gathers steam, we are going to see a new way of using encryption. It will be the default approach, with encryption always on.
The post Executive Viewpoint 2015 Prediction: Porticor – 2015 will be the Year of ‘Encrypt Everything’ appeared first on Porticor Cloud Security.
- Database Security in the Cloud
- Disruptive Innovations and the 'Internet of Things' | @ThingsExpo [#IoT]
- Securing Cloud Data from Cybercrime, Intrusion and Surveillance
- Cloud Computing Security Issues and Challenges By @GiladPN | @CloudExpo [#Cloud]
- MySQL in the Cloud
- Cloud Security – Implementing a Secure Cloud Backup Case Study
- Four Great Tips: Cloud Security for Big Data
- Answering Common Cloud Security Questions from CIOs
- Securing Your ‘Data at Rest’ in the Cloud
- Encrypted Cloud Storage – The Missing Piece