Welcome!

Every Cloud Needs a Silver Lining

Gilad Parann-Nissany

Subscribe to Gilad Parann-Nissany: eMailAlertsEmail Alerts
Get Gilad Parann-Nissany via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Gilad Parann-Nissany

The Benefits of Software-Defined Security At Gartner’s Security & Risk Management Summit, analysts identified 2014’s Top 10 Technologies for Information Security. They singled out software-defined security as a trend to watch, stating that because its “impact on security will be transformational.” Read the full article at Information Security Buzz. ... (more)

AWS Security Tips By @Porticor | @CloudExpo [#Cloud]

AWS Security Tips from Amazon Web Services CISO, Stephen Schmidt In a recent interview at AWS re:Invent, the vice president of AWS security engineering and the chief information security officer of Amazon Web Services, Stephen Schmidt, had these cloud security tips for AWS customers: 1. Understand your part of the shared responsibility model “It’s a shared responsibility. We are responsible for the bottom layer. We are responsible from the floor of the data center up to the hypervisor,” said Schmidt. According to FierceCIO, this means that “deploying a cloud infrastructure doesn’... (more)

Encrypted Database in the Cloud: Practical Considerations

Recently, in our post on Database security in the cloud, we reviewed the threats against database installations in the cloud and best practices for protecting your data. A number of customers have asked us follow-on questions: Which database brands are open and tested with these techniques? What are the most significant gotchas? What performance, scalability and fail-safe characteristics can they expect when securing their database in the cloud? We have found that all the major relational database brands (MySQL, Oracle, Microsoft SQL Server, and IBM DB2, among others) can work wel... (more)

Encrypting Data Held in the Cloud

More and more enterprises now rent space or servers on the cloud to store data. However, the fact that such data remains outside the ambit of the enterprise’s security system and invisible to the enterprise poses a serious security headache. Porticor Virtual Private Data, an Israeli based start-up now offers technology that allows organizations to encrypt data held in the cloud. The service, which includes a Virtual Appliance and an agent software, offers standard AES 256 or Blowfish encryption that has a maximum key length of 2048 bits. A unique “split-key” method adds to the sec... (more)

Cloud Security and the Omnibus HIPAA

The new and enhanced HIPAA omnibus standard brings an interesting question with regards to cloud security and the shared responsibility model in IaaS clouds. Since the release of the HIPAA omnibus, we’ve received many questions around “BAA” agreements, and how the responsibility split actually happens between (for example) the cloud provider and an ISV providing a healthcare application in an IaaS environment. Cloud HIPAA compliance still requires a shared responsibility model Without getting to the details of what a “Business Associate Agreement” means, I’ll simply say that the u... (more)