Cloud Computing Economics - There Is No Free Service

Cloudonomics Journal

Subscribe to Cloudonomics Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloudonomics Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Data security in cloud computing Cloud Encryption Cloud Computing  linkedin1 Cloud Encryption: The Newest Figures, Trends, and InnovationsCloud computing has been called “the most disruptive technology ever,” compelling businesses large and small to alter strategies and change business models. The Internet of Things and the trend of Everything as a Service has spurred a $150 billion cloud computing industry. And yet, cloud security (and, its key component: cloud encryption) is still the top inhibitor to cloud adoption, according to the Future of Cloud Computing survey. What would the cloud computing ecosystem look like without this chief concern? To imagine the possibility, let’s explore some of the figures and trends driving cloud encryption innovation.

The Rate of Cloud Adoption

Though exact figures differ depending on the source, a conservative estimate is that offered by HP Cloud’s Public Cloud Security Research, November 2013. Seventy percent of companies use some sort of cloud computing. A number that grows to 80% in the cases of enterprise-level organizations.

The Rate of Cloud Security Breaches

The same study found that of those companies currently operating in the public cloud, 16%have reported at least one cloud security breach. In another recent study by the Ponemon Institute, entitled “Data Breach: The Cloud Multiplier Effect,” researchers found that a data breach could be up to three times costlier if it happens in the cloud. A previous study by the Ponemon Institute, “Cost of a Data Breach,” established a cost of $201.18 per lost or stolen customer record. For a data breach involving 100,000 or more customer records the cost would come to just over $20 million.

The Rate of Cloud Encryption

With such great financial risk and so many companies operating in the cloud, it is quite surprising that the Ponemon Institute found that of those who store sensitive data in the cloud, only half use encryption. Though cloud encryption, on its own, may not be adequate to properly defend against breaches and protect data in case a breach does occur, it is a fundamental building step upon which cloud security policies are built. The fact that only half of companies use encryption is both surprising and worrying.

Trend: Staying in Control of Sensitive Data

Larry Ponemon, the chairman and founder of The Ponemon Institute, advises that “staying in control of sensitive or confidential data is paramount for most organizations, and yet our survey shows they are transferring ever more of their most valuable data assets to the cloud.”

Ponemon continued: “It’s perhaps a sign of confidence that organizations with the highest overall security posture were most likely to use the cloud for operations involving sensitive data, and it’s encouraging to find significantly fewer respondents believe that use of the cloud is weakening their security posture. However, there are still concerns that many organizations continue to believe their cloud providers are solely responsible for protecting their sensitive data even though the majority of respondents claim not to know what specific security measures their cloud provider is taking.”

New Cloud Encryption Innovations

The next step in the evolution of cloud, therefore, is that companies will use the cloud while understanding how to retain control and ownership of their data for themselves. There are new innovations in the cloud computing space that ensure cloud security is as good as (if not better than) data security within the physical datacenter. Split key encryption is a process in which data in encrypted and the encryption key is split into two parts. Because both parts are required to access data, and one part remains at the sole discretion of the data owner, control of the sensitive data remains only with its owner.

Another innovation, homomorphic key management, enables cloud encryption of the encryption key itself. This way, data at rest is secure along with data in motion. Even while it is in use in the cloud, an encryption key cannot be revealed.

These innovations enable compliance with regulations like HIPAA and PCI and, perhaps more importantly, enable the 70% of companies that use the cloud to rest assured that their data is always secure.

The post Cloud Encryption: The Newest Figures, Trends, and Innovations appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.