|By Gilad Parann-Nissany||
|May 21, 2014 12:00 PM EDT||
The reality is that a public cloud provider is likely investing more in infrastructure security and P3 (People, Process, Products) than your organization.
Does that mean that you can safely move your data to a public IaaS cloud? Not necessarily.
Any public cloud vendor will tell you off the bat that public cloud security requires a “shared responsibility” model.
It is confusing: on one hand, we tell you that public cloud security is likely safer, while on the other, we tell you it’s not necessarily safe to migrate to a public cloud. So let’s get down to details and clear up the confusion.
Private Cloud Security vs Public Cloud Security Comparison
Most enterprises are strategically looking at public clouds, while nurturing (and sometimes extending) the corporate private cloud. There are many reasons for that approach, but when it comes to data security, hardening and securing each cloud type is a fundamentally different task.
Private clouds are more secure in the sense that your servers and data are guarded behind the walls of a location managed and hopefully guarded by the enterprise. But implementing and maintaining the IT security is a daunting and resource-intensive task. You’ll need to build and maintain perimeter security, application security, and operating systems security. You must educate your employees. You will require IT personnel to handle the workload.
In a public infrastructure cloud, the responsibility for physical access, virtualization level security, and standardization is shifted to the cloud provider (who actually does a great job most of the time). You, the customer, are still responsible for operating system security, application security, and complying with specific regulatory standards such as HIPAA and PCI.
The cloud key management dilemma
As a cloud encryption vendor, we’re often asked about the “value” of cloud encryption. Cloud encryption can be cheap (if your cloud provider manages the encryption keys). But cheap encryption is, most times, insecure. Also, cheap encryption raises compliance issues as you allow someone else to manage the encryption keys for you.
The alternative, traditional way of encrypting, takes you back to the “pre-cloud” days by managing encryption keys yourself using Hardware Security Modules (HSMs). An HSM is certainly a highly secure option for key management; but, in a cloud (private or public), HSMs are challenged with two major issues.
- HSMs limits many of the cloud benefits, specifically around auto provisioning, orchestration and geographic dispersion (after all – it is hardware)
- The encryption keys are insecure the moment they leave to the cloud (to encrypt a disk or any other cloud resource).
- Needless to say, HSMs are far more expensive.
Now, let’s leave the dilemma in the past and look to the future for a solution.
The future – cloud encryption stronger than hardware
There’s a need for a fresh, fundamentally new approach to cloud encryption.
To deal with the complexity of cloud encryption while not compromising the enterprise trust, companies like Porticor Cloud Security leverage innovative cloud encryption techniques like split-key encryption and homomorphic key management (read more about it in this white paper).
These technologies enable public cloud customers to consume encryption as a service, without compromising the security of the encryption keys. As illustrated in this short video, split-key encryption is based on the concept used by Swiss banks’ safety deposit boxes: two owners hold keys, and only the combination of both keys can open or lock a safe.
Porticor splits the encryption key in half, providing one half for the customer, and keeping the second half with the “banker” – a Porticor key management service. Using split-key encryption technologies, no “secrets” are stored in the cloud key management system, as the Porticor’s key management system holds only half of the secret (half of the encryption key), and the cloud customer holds the second half.
Better Security in the Cloud
To declare a winner in the private cloud vs public cloud security rivalry would be remiss. In fact, better security is not a question of which cloud type you pick. Your data and applications can be totally secure in a private cloud, with an HSM and IT personnel to properly build, update, and maintain your security protocol. But that security may come at a higher price.
In the pubic cloud, because the provider maintains part of the security responsibility, the financial burden of securing your apps and data is lessened. However, you still share the responsibility and must not take your part lightly. If you take the proper precautions with your data encryption keys, you can be totally secure (and, as an added bonus, compliant with regulations and restrictions) in a public cloud too.
The post Private vs Public Cloud Security: Top Security Issues appeared first on Porticor Cloud Security.
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Aug. 31, 2015 02:00 AM EDT Reads: 442
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Aug. 30, 2015 10:00 PM EDT Reads: 347
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
Aug. 30, 2015 05:00 PM EDT Reads: 136
As more intelligent IoT applications shift into gear, they’re merging into the ever-increasing traffic flow of the Internet. It won’t be long before we experience bottlenecks, as IoT traffic peaks during rush hours. Organizations that are unprepared will find themselves by the side of the road unable to cross back into the fast lane. As billions of new devices begin to communicate and exchange data – will your infrastructure be scalable enough to handle this new interconnected world?
Aug. 30, 2015 04:00 PM EDT Reads: 154
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of technology leadership, Micron's memory solutions enable the world's most innovative computing, consumer,...
Aug. 30, 2015 01:30 PM EDT Reads: 225
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevOps to advance innovation and increase agility. Specializing in designing, imple...
Aug. 30, 2015 01:00 PM EDT Reads: 289
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Aug. 30, 2015 10:30 AM EDT Reads: 876
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Treloar, President and COO of Bebaio, will explore examples of brands transforming their businesses by t...
Aug. 30, 2015 10:15 AM EDT Reads: 229
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes about through a Communications Platform as a Service which allows for messaging, screen sharing, video...
Aug. 30, 2015 09:15 AM EDT Reads: 619
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and analyzed? As an area of investment, how might a retail company move towards an innovation methodolo...
Aug. 30, 2015 09:15 AM EDT Reads: 444
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of IoT applications and projects. Business operations, IT, and data scientists need advanced analytics t...
Aug. 30, 2015 08:30 AM EDT Reads: 398
A producer of the first smartphones and tablets, presenter Lee M. Williams will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. In his session at @ThingsExpo, Lee Williams, COO of ETwater, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater.
Aug. 30, 2015 07:00 AM EDT Reads: 123
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
Aug. 30, 2015 01:00 AM EDT Reads: 396
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
Aug. 28, 2015 07:45 PM EDT Reads: 212
Akana has announced the availability of the new Akana Healthcare Solution. The API-driven solution helps healthcare organizations accelerate their transition to being secure, digitally interoperable businesses. It leverages the Health Level Seven International Fast Healthcare Interoperability Resources (HL7 FHIR) standard to enable broader business use of medical data. Akana developed the Healthcare Solution in response to healthcare businesses that want to increase electronic, multi-device access to health records while reducing operating costs and complying with government regulations.
Aug. 26, 2015 07:00 AM EDT Reads: 134
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducted a live demonstration of how quickly application development can happen when the need to comply wit...
Aug. 2, 2015 11:15 AM EDT Reads: 556
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Aug. 1, 2015 10:00 AM EDT Reads: 480
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Architect for the Internet of Things and Intelligent Systems, described how to revolutionize your archit...
Jul. 30, 2015 07:30 PM EDT Reads: 1,564
MuleSoft has announced the findings of its 2015 Connectivity Benchmark Report on the adoption and business impact of APIs. The findings suggest traditional businesses are quickly evolving into "composable enterprises" built out of hundreds of connected software services, applications and devices. Most are embracing the Internet of Things (IoT) and microservices technologies like Docker. A majority are integrating wearables, like smart watches, and more than half plan to generate revenue with APIs within the next year.
Jul. 30, 2015 02:30 PM EDT Reads: 281
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Opening Keynote at 16th Cloud Expo, Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, d...
Jul. 30, 2015 12:00 PM EDT Reads: 2,228