|By Paige Leidig||
|June 23, 2014 08:45 AM EDT||
In many industries, cloud computing is now vital to remaining competitive. The cloud typically offers superior flexibility, scalability, accessibility, and high availability, enabling businesses to grow more agile and responsive. Regulatory compliance concerns often make banks and other financial service providers slower to adopt the cloud, but even in the financial services industry, the cloud will soon become a necessity.
Banks are already seeing attractive use cases for cloud computing, as Bank Systems & Technology's Bryan Yurcan and Jonathan Camhi pointed out late last year. Cloud-based payment processing is one hot topic. Cloud-based document management is another. Analytics for business insight and fraud detection are also growing popular. However, all of these applications will require a thorough understanding of the regulatory restrictions and how to comply with them. One of the most essential tools to make sure your cloud adoption meets regulatory requirements is cloud data encryption.
What to Protect
PCI DSS mandates the protection of customer account data, which you'll need in order to process payments in the cloud. Per PCI DSS 3.0, that data includes:
- Primary Account Number (PAN)
- Cardholder name
- Expiration date
- Service code
- Full track data from cards' magnetic stripes or chips
- PINs or PIN blocks
PCI DSS requires organizations to "use strong cryptography and security protocols" for the transmission of sensitive cardholder information. Some of these fields are more sensitive than others, however. PANs are more sensitive than expiration dates, for example, while verification codes and PINs are so sensitive that PCI DSS outright forbids the storage of them after the transaction is completed. Your cloud data encryption strategy should include the ability to apply varying strengths of encryption at a granular, policy-based level so that you can apply the appropriate amount of protection to each data type.
Here are some best practices that can help you use cloud data encryption to safely make the most of the cloud.
Cloud Data Encryption Best Practices
- Identify every piece of sensitive data you're sending to your cloud applications and develop policies to apply appropriate levels of encryption to them. You'll need to work with all lines of business using the cloud to determine their exact uses for it and their cloud encryption needs.
- Encrypt or otherwise protect all sensitive data you handle before it leaves your premises.
- Encrypt and do not store the most sensitive cardholder and authentication data: full track data, card verification codes, and PINs and PIN blocks.
- Integrate your cloud encryption solution with DLP tools that can detect and generate alerts on activity around sensitive data to prevent the unauthorized access or sharing of data and documents that contain protected information.
Use cloud data encryption that preserves your cloud application functionality
To enjoy the benefits of cloud computing, develop a cloud data encryption strategy that secures your data but also preserves the functionality of the cloud applications you've chosen. Tools like CipherCloud's Searchable Strong Encryption can help, as can encryption and tokenization schemes that retain the original format of the data while hiding the actual values.
How does your organization use cloud encryption to remain compliant? Let us know your thoughts in the comments
Extreme Computing is the ability to leverage highly performant infrastructure and software to accelerate Big Data, machine learning, HPC, and Enterprise applications. High IOPS Storage, low-latency networks, in-memory databases, GPUs and other parallel accelerators are being used to achieve faster results and help businesses make better decisions. In his session at 18th Cloud Expo, Michael O'Neill, Strategic Business Development at NVIDIA, focused on some of the unique ways extreme computing is...
Aug. 26, 2016 01:15 AM EDT Reads: 2,000
Aug. 26, 2016 01:00 AM EDT Reads: 1,930
Aug. 26, 2016 12:45 AM EDT Reads: 2,226
Aug. 26, 2016 12:30 AM EDT Reads: 2,885
Aug. 25, 2016 11:45 PM EDT Reads: 2,261
Aug. 25, 2016 10:45 PM EDT Reads: 1,860
Aug. 25, 2016 10:15 PM EDT Reads: 1,707
Aug. 25, 2016 09:15 PM EDT Reads: 2,191
Aug. 25, 2016 09:00 PM EDT Reads: 1,693
Aug. 25, 2016 08:45 PM EDT Reads: 1,372
Aug. 25, 2016 06:30 PM EDT Reads: 1,924
Aug. 25, 2016 05:15 PM EDT Reads: 667
Aug. 25, 2016 04:15 PM EDT Reads: 455
Aug. 25, 2016 03:30 PM EDT Reads: 1,492
Aug. 25, 2016 02:00 PM EDT Reads: 3,548