Cloud computing brings many advantages including elasticity, flexibility, and
pay-per-use. But when looking at cloud security, and specifically encrypted
cloud storage the picture is much more complex.
Cloud security (in IaaS and PaaS scenarios) is a shared responsibility. The
cloud provider is responsible for securing the datacenter premise, the
virtualization layer, and the Host OS, but it is the cloud customer’s
responsibility to secure the host OS, work with an encrypted cloud storage
and secure the application level.
The missing piece by shel silverstein
Cloud data security threats
Some aspects of securing virtual servers and storage are not dramatically
different from securing a physical server and the same basic rules still
apply. Enforcing a strong access control policy, disabling unnecessary
ports, and hardening the application layer are still valid and nec... (more)
It’s a common sense fact that a cloud encryption solution needs to fit the
specifics of a requirement. Some scenarios need out-of-the-box solutions that
require no changes to existing application code. Other scenarios demand
changes to application code. A recent article by Ken Smith pointed out the
limitations of out-of-the-box solutions, and militated for application-level
code implementing cloud encryption solutions.
Application-level solutions do have definite benefits for compliance
requirements. If you want to be sure that cloud database administrators
cannot read sensitive... (more)
Cloud Computing – the buzz words of the technology sector this decade: if
you’re not already doing it, you’re missing out. Articles have been
written. Experts have been crowned. Events have been attended. We all
agree – the cloud presents opportunities for cost savings, elasticity, and
But for companies that are bound by Payment Card Industry Data Security
Standard (PCI DSS), securing financial data in “the cloud” presents new
How is the Cloud Different? Securing brick and mortar businesses was one
thing, securing data centers and hardware was an added ... (more)
Companies are increasingly moving their data security to the cloud. By the
2015, 10% of overall IT security enterprise product capabilities will be
delivered in the cloud, according to a study conducted by Gartner. In fact,
the cloud data security market is expected to reach $4.2 billion by 2016.
Are there compelling reasons to move your own data security to the cloud? I
am a firm believer that cloud security is a godsend to companies dealing with
sensitive information, particularly small and medium sized enterprises
(SMEs). Here are the top reasons to consider moving your data se... (more)
How to sell Cloud Computing? We could do it the Dilbert way. Say what you
will, it hits a button.
Or we could do it the old fashioned way.
Not convinced? Actually this is why Porticor never "sells" cloud. Our
approach is always to assume the IT Customer has
Decided what are the benefits they expect (economics, agility, and so on)
Evaluated what they would feel comfortable putting in the cloud Understands
that – in IaaS/PaaS – they still retain some responsibility for their
security Started asking the questions: “how to meet our responsibility, how
to do security reasonably, and... (more)