backlink free directory. site rank

TrustDIR.org » Trusted SEO Web Directory » Ethical SEO » Better Traffic » Higher Sales

 

 

 

Top Hits       Articles & Tutorials       WEB SEO Directory Statistics       Latest Websites       Suggest Article  

Article Home » Computers » Security



Beyond Encryption: The 5 Pillars of Cloud Data Security

Submitted on: Fri, 20 Sep 2013 07:53:21Views: 361
Given the recent influx of cyber-security attacks and the hubbub about the National Security Agency’s PRISM program, there is lot of talk about the importance of encryption to protect corporate data in the cloud. (PRISM is a clandestine data mining operation authorized by the U.S. government in which data stored or passing over the Internet can be collected without the owner’s knowledge or consent.)

While it’s true that encryption helps to keep data private, encryption is just 1 of 5 capabilities needed to completely secure corporate data in the cloud. Allow me to use an analogy in the physical world to explain what I mean.

Banks are an ideal example of the use of layers of security to protect important assets. A bank branch has a vault in which it stores cash and other valuables. Having a vault is essential, but on its own it’s not enough to fully protect the riches within.

The bank also has policies to guide who can access the vault; what identification methods are required to verify that an employee or customer has the right to access the vault; the hours when the vault can be legitimately accessed; and so on.

The bank also needs surveillance cameras so that in event of a breach, the authorities can play back the recording to understand exactly what happened, and when. Stationed near the vault, the bank has a security guard for additional protection against threats and to deter thieves. And finally, the bank employs armored vans to move cash around from the bank to stores, to off-premise ATMs, and to other banks.

Similarly, when we talk about protecting corporate data in the cloud, you need more than just a point encryption solution; you need comprehensive approach to cloud data security.

Let’s start with encryption—a technology that has been around for decades but is now more important than ever as threats from all angles are increasing. The encryption solution you use on your data needs to be standards-based and it must support both structured and unstructured data. For structured data, the encryption technology must not break any application functionality (such as searching or sorting). This latter requirement is quite important; if you can’t search on data in comments field in Salesforce.com because it is obscured through encryption, you’ve defeated the value of using the application.

So Encryption is 1 of 5 critical security capabilities. What are the other 4?

You need Data Loss Prevention Tools to make sure that PII and PHI data is not moving to or through the cloud in the clear in violation of PCI, HIPAA and HITECH regulations.

You need contextual access control so you can ensure secure access to the data based on who the users are, what devices they are using, and what geographic locations they are in.

You need application auditing so you can identify who has accessed which data and alert based on anomalous use. This is critical as most SaaS applications don’t provide audit trail of “read” operations to understand what exactly happened when an incident occurred.


And finally, you need the ability to easily but consistently enforce these policies for cloud-to-cloud use cases.

This last need is an up-and-coming requirement that companies are just beginning to realize, but it will grow more important as companies use more cloud-based applications. Let me give you an example.

Let’s say a company uses Jive for business social and Box for cloud storage of documents posted in Jive. When Jason, an employee in my Sales department, posts a blog post on a competitor with a detailed attachment, Jive automatically stores the document in Box. In this cloud-to-cloud scenario, I need to make sure that my security, compliance and governance policies are consistently enforced across both, Jive and Box.

Encryption as a means of data security is a good start, but not sufficient. Make sure you bolster it with the other critical security capabilities for a more complete cloud data security strategy. To learn more check out our Beyond Encryption Slideshare.




Skyhigh Networks, the cloud access security company, enables companies to embrace Cloud Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, Data Loss Prevention Tools and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com or follow us on Twitter @skyhighnetworks.



» Latest news on : Security
» Google News for: Beyond Encryption: The 5 Pillars of Cloud Data Security

Lates tweets about Computers / Security

From @BuyLocalNorfolk on Tue Feb 20 10:41:57 EST 2018
RT @CustomisedStaff: We like to rigorous test products before introducing them to customers. Smart locks by @YaleRealLiving installed by @…
From @lovepepperh on Tue Feb 20 10:41:57 EST 2018
RT @realDonaldTrump: A woman I don’t know and, to the best of my knowledge, never met, is on the FRONT PAGE of the Fake News Washington Pos…
From @Rhetticent on Tue Feb 20 10:41:57 EST 2018
RT @CharlieDaniels: If America ever falls it will not be an outside power or more powerful nation, there is no such thing. It will be the t…
From @Masada1948 on Tue Feb 20 10:41:56 EST 2018
RT @dannydanon: We're getting ready for a special @UN Security Council meeting with Palestinian leader Mahmoud Abbas. As always, we will s…
From @tinbender2 on Tue Feb 20 10:41:56 EST 2018
RT @realDonaldTrump: A woman I don’t know and, to the best of my knowledge, never met, is on the FRONT PAGE of the Fake News Washington Pos…
From @silent_plzzzz on Tue Feb 20 10:41:56 EST 2018
RT @gabeeno: His name is Gul Zarin from Tehsil Kabal, Swat. Security forces took his son 9 years back. Since then he does not know anything…
From @realllz on Tue Feb 20 10:41:56 EST 2018
RT @TeamPelosi: FACT: the #GOPTaxScam delivers $1.3 trillion to corporate America. Also a FACT: the #TrumpBudget cuts Medicare by $500 bi…
From @teokee on Tue Feb 20 10:41:56 EST 2018
RT @realDonaldTrump: A woman I don’t know and, to the best of my knowledge, never met, is on the FRONT PAGE of the Fake News Washington Pos…
From @DeirdreWassell on Tue Feb 20 10:41:56 EST 2018
Make it real at #DellTechWorld. Discover the @DellTech ecosystem of IT infrastructure, applications, devices and se… https://t.co/jVAEtWz5Jz
From @danielwje on Tue Feb 20 10:41:55 EST 2018
@Gatwick_Airport Why do you insist on merging your premium security and regular security lines at peak times in LGW… https://t.co/DPf9YqTXii
Copyright © 2008 - 2011     VIC Consulting - WEB Development, website promotion & SEO services
Autos neuves et usagées | Ottawa used cars, furniture & real estate | Toronto Computers Security
Follow webseodirectory on Twitter