August 01, 2012
Recent cloud computing surveys share a similar tone regarding user perceptions of the technology. While enterprise managers look to cloud as a cost-savings measure, IT professionals are squeamish when it comes to moving sensitive data offsite. Indeed, privacy concerns are leading users to think twice about migrating their applications to cloud services.
Eosensa, a governance, risk and compliance advisory service provider, addresses these issues in a recent report: "Protecting Sensitive Data in the Cloud."
The authors discuss how various methods of encryption and tokenization can better secure information stored in public clouds. For example, the FIPS 140-2 spec, described by NIST as a strong encryption type, is required for products that use government encryption and is suggested for use on data stored in SaaS applications.
Tokenization is another form of data security that is aimed at answering residency issues, which arise when servers store only a portion of the data. The technique is used to reduce the scope of compliance management and auditing for SaaS applications.
Will these solutions convince potential users of cloud services that their data is safe? What about the preying eye of government?
Earlier this year, HPC in the Cloud wrote about a report published by international law firm Hogan Lovells. The study compared the laws of 10 countries in respect to government access of cloud-based data. While the US was typically considered the worst offender of data privacy, other countries had implemented similar, and in some cases, harsher tactics. These nations included the United Kingdom, Germany, France, Spain, Australia, Canada and Japan among others.
In every case, the state could require cloud service providers to disclose customer data during the course of a government investigation. They also had access to monitor electronic communications sent through a cloud provider's systems. France stood out for its power to compel encryption service providers to hand keys over to government officials.
While services like Eosensa may assist users with data encryption and compliance requirements, they cannot guarantee a risk-free environment. Their service may even lead users to experience a false sense of security, at least as far as government interception is concerned.
Encryption and tokenization are important methods to increase data privacy, but governments hold the highest authority on the matter. Without new legislation reducing the power of government access to cloud-based data, no vendor can guarantee the security of their clients' information.
10/30/2013 | Cray, DDN, Mellanox, NetApp, ScaleMP, Supermicro, Xyratex | Creating data is easy… the challenge is getting it to the right place to make use of it. This paper discusses fresh solutions that can directly increase I/O efficiency, and the applications of these solutions to current, and new technology infrastructures.
10/01/2013 | IBM | A new trend is developing in the HPC space that is also affecting enterprise computing productivity with the arrival of “ultra-dense” hyper-scale servers.
Ken Claffey, SVP and General Manager at Xyratex, presents ClusterStor at the Vendor Showdown at ISC13 in Leipzig, Germany.
Join HPCwire Editor Nicole Hemsoth and Dr. David Bader from Georgia Tech as they take center stage on opening night at Atlanta's first Big Data Kick Off Week, filmed in front of a live audience. Nicole and David look at the evolution of HPC, today's big data challenges, discuss real world solutions, and reveal their predictions. Exactly what does the future holds for HPC?