Cloud computing brings many advantages including elasticity, flexibility, and
pay-per-use. But when looking at cloud security, and specifically encrypted
cloud storage the picture is much more complex.
Cloud security (in IaaS and PaaS scenarios) is a shared responsibility. The
cloud provider is responsible for securing the datacenter premise, the
virtualization layer, and the Host OS, but it is the cloud customer’s
responsibility to secure the host OS, work with an encrypted cloud storage
and secure the application level.
The missing piece by shel silverstein
Cloud data security threats
Some aspects of securing virtual servers and storage are not dramatically
different from securing a physical server and the same basic rules still
apply. Enforcing a strong access control policy, disabling unnecessary
ports, and hardening the application layer are still valid and nec... (more)
When large enterprises move to a public infrastructure cloud (such as Amazon
Web Services or others), it is a gradual, and often times, carefully measured
process. Large enterprises strive for 100 percent certainty that the
migration process will not impact the business; therefore, they’ll usually
start slowly, by migrating one application or process to the cloud.
This is where hybrid clouds kick in. Hybrid clouds offer (just as their name
insinuates) a hybrid between on-premise and cloud infrastructure. But once
even part of the business is in the cloud, the need arises for cloud... (more)
(Or: If you’re an ISV running on Amazon Web Services – This one is for
Over the past year, the trend of developing and delivering a software
offering over a public cloud such as Amazon Web Services has grown
dramatically. Software Vendors, both established and start-up companies, are
using Infrastructure as a Service for its obvious advantages, such as cost
effectiveness, redundancy, high availability, and probably the most dramatic
effect for a software vendor – flexibility. A software vendor can make use
of the IaaS provided APIs to automatically add servers, disks, back... (more)
Porticor, the leading cloud data security company delivering the only
cloud-based data encryption solution that infuses trust into the cloud by
ensuring customer keys are never exposed, today formally launched to make
available the industry’s first solution combining data encryption with
patented key management to protect critical data in public, private and
hybrid cloud environments.
Since Porticor uniquely addresses the fundamental cloud security issue of
data encryption with keys managed in the cloud, companies are now assured
that their private data stored in the cloud acros... (more)
More and more enterprises now rent space or servers on the cloud to store
data. However, the fact that such data remains outside the ambit of the
enterprise’s security system and invisible to the enterprise poses a
serious security headache.
Porticor Virtual Private Data, an Israeli based start-up now offers
technology that allows organizations to encrypt data held in the cloud.
The service, which includes a Virtual Appliance and an agent software, offers
standard AES 256 or Blowfish encryption that has a maximum key length of 2048
bits. A unique “split-key” method adds to the secu... (more)