MySQL is probably the most popular open source database. While there is a
wealth of discussion online for MySQL database encryption,doing it right in a
cloud computing environment is tricky.
The discussion here is quite long, and contains a lot of interesting details.
So if you want a spoiler: it is possible to achieve true confidentiality for
your MySQL database today; using the industry best practice which is
Cloud encryption for MySQL – Setting your goals
Before talking tech, it’s actually essential to understand what your goals
are, and then how they relate to the technical solution for your MySQL
database. Sometimes it is hard to get transparency when it comes to what
goals are achievable with different techniques.
The classic goals of any information security solution are “CIA”, meaning
Confidentiality: your data cannot be rea... (more)
We recently received a request for help. An enterprise had been trying to
secure their data on the “process level” and gotten into some
difficulties. They asked us to jump in and help them out.
What is a “process”?
If you know a bit about software and operating systems (OS), you’ve heard
about “processes”. Modern operating systems, such as Linux or Windows,
will run your software applications inside separate processes. This is an OS
technique for isolating different software. For example you can make sure
that whatever your web server is doing – it cannot touch the memory of your ... (more)
TEL AVIV, Israel – April 18, 2012 – Porticor®, the leading cloud data
security company delivering the only cloud-based data encryption solution
that infuses trust into the cloud by ensuring customer keys are never
exposed, today announced that Network Products Guide, an industry leading
technology research and advisory guide, has named the Porticor Virtual
Private Data™ (Porticor VPD™) system as a finalist in the 7th Annual 2012
Hot Companies and Best Products Awards Program in the Cloud Security Product
Network Products Guide’s industry and peer awards honor achieveme... (more)
It’s a common sense fact that a cloud encryption solution needs to fit the
specifics of a requirement. Some scenarios need out-of-the-box solutions that
require no changes to existing application code. Other scenarios demand
changes to application code. A recent article by Ken Smith pointed out the
limitations of out-of-the-box solutions, and militated for application-level
code implementing cloud encryption solutions.
Application-level solutions do have definite benefits for compliance
requirements. If you want to be sure that cloud database administrators
cannot read sensitive... (more)
Earlier this month, we discussed the effect of NSA Leaker, Edward Snowden and
the Prism Scandal on the future of cloud security. We asked (and answered)
the question: What level of paranoia is justified in the wake of PRISM? But
it seems the scandal just grows and grows. We now hear that the Feds put heat
on Web firms for master cloud encryption keys. It is unclear whether US
authorities have the legal clout to obtain the master encryption keys that
Cloud Providers use to shield customer data. However, it is crystal clear
that the government wants this right. As the ripple ef... (more)