|By Gilad Parann-Nissany||
|July 17, 2014 01:00 PM EDT||
In a post Snowden world it is clear that for cloud data security, we need strong encryption. When properly implemented, encryption in the cloud reduces risk to levels acceptable for sensitive data.
There is no doubt data protection in the cloud computing era is never going to be a ‘one size fits all’ kind of a solution. It requires a 360-degree view of the company with 365-days a year dedication.
The best place to start is with a risk analysis so you know what kind of data you have, its levels of sensitivity, who’s using it, where it’s used and stored, and how and where and over what technologies it’s going to ‘commute’. You need to understand your company’s data – in terms of technology and human weaknesses. Data should be unreadable to an attacker. It must be incoherent at all times to anyone other than you and your trusted personnel: while it’s travelling – or you are; whether it’s in transit, storage, stopping, or resting, data is safest in encrypted form.
Once you’ve decided to encrypt your data, your next concern should definitely be the encryption key. If the encryption key is stolen or mislaid, the bad guys can crack the encryption code. You can’t let that happen, can you? You have to keep your encryption key safer than your house or car keys – as safe, say, as a Swiss Bank. In particular, you don’t want to hand over your cloud encryption key to your cloud or any other service provider, nor will you want it openly stored in the cloud or on the desktop of a laptop or any other device that could fall into the wrong hands within your company or outside its physical walls.
A handful of companies out there offer different flavors of encryption key storage and management. Here at Porticor, we opted for a solution that gives peace of mind and the highest level of encryption and encryption key protection to companies that must comply with the most stringent data and privacy protection standards in the world, notably HIPAA, PCI DSS, Safe Harbor and SOX, as well as many other global and regional legal requirements. As a result, our patented split-key encryption technology will make your encrypted data safe.
How do we protect the key?
With the Porticor solution, a unique key is used to encrypt each object of data and the key is split in two. The first half, call it the master key, will be in use by all the objects in the application. It’s your half of the key and we have no knowledge of it, nor do we store it. The second half, that part that is unique to the particular data object, is stored by our key management service. Both parts of the key are essential to dynamically encrypt and decrypt the data whenever you need to access it. The good news is that only you know of the half of the key in the cloud, stored by the Porticor Key Management Service. It is encrypted by our homomorphic key encryption algorithm, making it ‘bulletproof’ and more as it cannot be stolen or hacked. You can find the detail by downloading our Key Management White Paperhere.
This goes together with standards-based data encryption, such as AES-256, to encrypt the entire the data – a complete solution to ensure that our clients’ keys and data are safely under their own control.
Jan. 21, 2017 01:30 AM EST Reads: 6,555
Jan. 21, 2017 01:15 AM EST Reads: 4,821
Jan. 21, 2017 01:15 AM EST Reads: 5,030
Jan. 21, 2017 01:15 AM EST Reads: 2,879
Jan. 21, 2017 12:30 AM EST Reads: 4,521
Jan. 21, 2017 12:15 AM EST Reads: 6,370
Jan. 21, 2017 12:00 AM EST Reads: 5,096
Jan. 21, 2017 12:00 AM EST Reads: 4,689
Jan. 20, 2017 10:45 PM EST Reads: 897
Jan. 20, 2017 08:45 PM EST Reads: 4,373
Jan. 20, 2017 06:30 PM EST Reads: 5,461
Jan. 20, 2017 05:45 PM EST Reads: 2,097
Jan. 20, 2017 05:30 PM EST Reads: 1,479
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at Logz.io, will explore the value of Kibana 4 for log analysis and will give a real live, hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He will examine three use cases: IT operations, business intelligence, and security and compliance. This is a hands-on session that will require participants to bring their own laptops, and we will provide the rest.
Jan. 20, 2017 05:15 PM EST Reads: 4,959
Jan. 20, 2017 05:15 PM EST Reads: 3,812