Welcome!

Every Cloud Needs a Silver Lining

Gilad Parann-Nissany

Subscribe to Gilad Parann-Nissany: eMailAlertsEmail Alerts
Get Gilad Parann-Nissany via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Gilad Parann-Nissany

The US Federal Communications Commission has recently reported that "theft of digital information has become the most commonly reported fraud, surpassing physical theft." Businesses can do a lot to protect themselves. The FCC issued a Tip Sheet for small businesses to promote employee security training, firewalls, securing of WiFis, and more. But for business operating in (or migrating to) cloud environments; data security, cloud computing security issues, and challenges take on  new meanings and require new strategies. Security in the Cloud: Unique Challenges In the cloud, data security poses new risks and challenges. We are no longer concerned just with burglars breaking into our offices to steal computers, but rather with the data belonging to complete systems deployed to the cloud. When using public cloud infrastructure like that of AWS, VMware, Microsoft Azure... (more)

Encrypting Data Held in the Cloud

More and more enterprises now rent space or servers on the cloud to store data. However, the fact that such data remains outside the ambit of the enterprise’s security system and invisible to the enterprise poses a serious security headache. Porticor Virtual Private Data, an Israeli based start-up now offers technology that allows organizations to encrypt data held in the cloud. The service, which includes a Virtual Appliance and an agent software, offers standard AES 256 or Blowfish encryption that has a maximum key length of 2048 bits. A unique “split-key” method adds to the secu... (more)

Cloud Security and the Omnibus HIPAA

The new and enhanced HIPAA omnibus standard brings an interesting question with regards to cloud security and the shared responsibility model in IaaS clouds. Since the release of the HIPAA omnibus, we’ve received many questions around “BAA” agreements, and how the responsibility split actually happens between (for example) the cloud provider and an ISV providing a healthcare application in an IaaS environment. Cloud HIPAA compliance still requires a shared responsibility model Without getting to the details of what a “Business Associate Agreement” means, I’ll simply say that the u... (more)

Cloud Encryption Deployment for VMware-Based Application Services

As the infrastructure cloud market (IaaS and PaaS) continues to grow rapidly, we are seeing quite a few customers who are delivering an application – whether it is a mission-critical or SaaS application – and basing their solution on VMware. Some of these are deploying VMware in their private data center, while others are leveraging the cloud model and “renting” capacity from a public VMware-based cloud provider. In a way, both of these scenarios are public: in many of the cases the “private cloud” scenario serves users who belong to different organizations, so from the user poi... (more)

Securing Cloud Data from Cybercrime, Intrusion and Surveillance

By John Sotiropoulos - In my previous post  (Cloud Data, Security, Privacy & Confidentiality/ The ISV Perspective) I talked about the increasing exposure of data, the changing landscape of data confidentiality and the need to shield data rather than retreat into – largely mythical  -“safe heavens” of on premise.  When storing data in the cloud, key management becomes a critical aspect of data confidentiality and a new crop of vendors are beginning to emerge simplifying encryption and key management. Having looked at most of the new crop of cloud encryption vendors, we liked Port... (more)