Page 6 - CDM-Cyber-Warnings-March-2014
P. 6
-"18/3(.- 2 $15("$ Although virtually all organizations from small businesses to large enterprises to government departments see cloud as a vital element of their IT strategy, the reality is that for many years to come, applications and computing will be distributed on a hybrid cloud architecture. The hybrid cloud includes both the private cloud and a variety of public clouds that customers can change out or add to the mix as business needs evolve. Regardless of the deployment model, the cloud is clearly on its way to becoming the next generation computing paradigm. If that’s the case, why aren’t more critical workloads running in the public cloud? Is it possible there’s a storm brewing in the cloud that’s postponing deployments? The Cloud, Security and Cloud Security While cloud deployments continue to take off, several challenges are thrown into the mix –cyber surveillance, data remanence concerns, regulatory compliance laws, shared multi-tenant infrastructure and advanced cyber-attacks. In fact, recent headlines reveal the obstacles for keeping data safe include risks of intellectual property theft, insider data leaks and breaches, as well as regulatory compliance fines. As organizations look to the cloud and forfeit elements of IT control on the way, C-level executives and board members are sure to begin asking questions. Who is watching their data? Are they still acting in accordance to compliances? What do we do if we need to switch providers in the near future? While not all of the questions need to be addressed at time of deployment, they are something that must be thought through for the long term. For the initial deployment, the main issue when moving critical enterprise workloads to the cloud—security—requires careful and some possible forward-thinking planning. A new class of security is needed for the hybrid cloud environment. Ideally, one that is easy to deploy, scales on demand, is adaptable in any environment, requires minimal specialized IT training and ensures technology does not get in th`e way of business operations. Encryption for Cloud Security The idea of encryption is not a new technology; in fact, it’s been securing connections for online activities including banking, shopping and accessing email accounts for quite some time. Use in the enterprise has been slower to adopt, however. Enterprise encryption has, traditionally, been reserved for “elite” organizations with highly skilled IT staff, big budgets, targeted use cases and implementations that place the burden of deciding when and what to encrypt on the end user. " # % " $ " # ! !