Cloud Encryption

Atlantic.Net Announces Cloud Platform That Encrypts All Customer Data Stored At Rest Automatically

Grazed from Atlantic.Net

Today, Atlantic.Net, a leading cloud hosting solutions provider, announced that the Atlantic.Net Cloud Platform now encrypts all customer data stored at rest by default. As part of an ongoing effort to ensure the privacy of customer data, Atlantic.Net's world-class encryption will take place at the storage system layer and be implemented in a transparent manner, with no need for configuration by the user. Atlantic.Net believes encryption of customer's data at rest shouldn't be an optional feature and is now a requirement of all computing, free of charge.

Data is automatically encrypted prior to being written to the disk using Advanced Encryption Standard 256-bit (AES-256), which is the only publicly accessible encryption cipher approved by the National Security Agency (NSA) for top-secret information and is often included as part of customer compliance requirements. Furthermore, each encryption key used to encrypt data is encrypted with a set of master keys for additional security.

Cloud security harder than 'encrypt everything'

Grazed from TheRegister. Author: Richard Chirgwin.

Australia's wildly-enthusiastic adoption of cloud computing is providing the rest of the world a crucible in which a host of security challenges can be cultured, according to F5 security researcher David Holmes. Speaking to The Register's networking desk while visiting the antipodes, Holmes said that “Australia is becoming the great laboratory” of cloud-first strategies, and along the way, encountering a fair amount of first-adopter security pain.

The pain is especially acute, Holmes said, for a customer that wants to spread the same service across different clouds (which is a sensible resilience strategy). “Customers want to spin up the same service on different clouds, but at the same time, they want to encrypt everything”, he said...

Cloud Computing: How fully homomorphic encryption can prevent infiltration of secure networks

Grazed from CIO. Author: Kurt Rohloff.

At the end of September, President Obama announced that China and the United States had reached an agreement: neither country would support or participate in cyberespionage that results in the loss of intellectual property. While the effectiveness of the agreement between the U.S. and China is still in question (James Clapper, director of national intelligence, said he is “inherently skeptical”), it’s essential that the cybersecurity community continues to secure computer networks from the tactics that were successfully used by nation-state actors, such as spear phishing.

Research and advancements within technology are showing that fully homomorphic encryption can substantially limit the infiltration of secure networks, combat the offensive techniques used by nation-states and usher in a new generation of cloud computing technologies...

The cryptic cloud: Can cloud encryption operate effectively right now?

Grazed from CloudComputing.net. Author: Pedro Venda.

Encryption in the digital world is akin to a safe in the physical world. Data is locked away and can only be seen by those who have the correct key. Among other things, encryption is what provides an assurance of confidentiality in data security and it is fast gaining ground in the cloud. But is encrypted data therefore more secure? Not if your keys are transferred in the clear, duplicated or mismanaged.

Data that goes to the public cloud is usually transferred securely and files are not kept on public web servers, so the obvious security measures are there. But once it gets to the storage server, data is beyond the user’s reach or control. It may be stored unencrypted or not, it may be read by the service administrator or not...

SafeNet launches encryption-as-a-service offering

Grazed from TelecomPaper. Author: Editorial Staff.

Global data protection company, SafeNet has announced ProtectV for Service Providers, an encryption offering that lets service providers deliver enhanced data protection and access control to their customers when storing their data in cloud and virtual environments. ProtectV can be deployed into a customer environment as part of a service provider's Infrastructure-as-a-Service (IaaS) offering, and delivers full encryption of virtual machines and storage volumes that their customers can use to protect their data and segregate it from the provider and other customers.

It prevents unauthorised data access by enabling organisations to separate and control their information in multi-tenant environments, including public and hybrid cloud models. ProtectV for Service Providers is available for Amazon Web Services partners and VMware cloud platforms...

Read more from the source @ http://www.telecompaper.com/news/safenet-launches-encryption-as-a-service-offering--1051228

Cloud Computing: Hacker Lexicon - What Is Homomorphic Encryption?

Grazed from Wired. Author: Editorial Staff.

The problem with encrypting data is that sooner or later, you have to decrypt it. Keep your cloud files cryptographically scrambled using a secret key that only you possess, and it’s likely no hacker will have the codebreaking resources necessary to crack them. But as soon as you want to actually do something with those files—anything from editing a word document or querying a database of financial data—you have to unlock the data and leave it vulnerable. Homomorphic encryption, a still-mostly-theoretical advancement in the science of keeping secrets, could change that.

A homomorphic encryption scheme is a crypto system that allows computations to be performed on data without decrypting it. A homomorphically encrypted search engine, for instance, could take in encrypted search terms and compare them with an encrypted index of the web. Or a homomorphically encrypted financial database stored in the cloud would allow users to ask how much money an employee earned in the second quarter of 2013...

Federal Cloud Ruling Forces Encryption Key Control Issue

Grazed from TalkinCloud. Author: Mike Vizard.

Concerns over privacy and data governance in the cloud have reached a new level in the wake of a Federal court ruling requiring Microsoft to turn data over to the U.S. government that it has been storing for customers in a data center located in Ireland. Because Microsoft is incorporated in the United States, Federal Judge Loretta A. Preska ruled that the U.S. government still has the power to compel Microsoft to turn over data regardless of where it is physically stored. In the wake of recent court rulings, cloud service providers (CSP) had been storing data outside of the United States on behalf of customers that did not want that data to subject to U.S. jurisdiction. The ruling by Judge Preska is clearly a blow to cloud service providers based in the United States that are trying to compete in what has become a global cloud computing market.

But as disturbing as this latest Federal ruling is to cloud service providers, it may prove to be a boon to providers of encryption technologies. IT organizations have long-resisted the use of encryption because it has been difficult to manage and created a lot of processing overhead. But the federal ruling makes it clear that the only way IT organizations can retain control over their data is if they retain control over keys used to encrypt their data...

Porticor, HP Form Cloud Encryption Partnership

Grazed from ExecutiveBiz. Author: Andy Reed.

Cloud computing security company Porticor will integrate its encryption technology with the HP Atalla platform as the companies aim to help users securely pass data across public, private or hybrid clouds. Porticor’s data protection technology is built to protect the expanding fan of cloud environments and to combine data encryption with patented encryption and homomorphic management technologies to adapt to the changing landscape, the companies said Wednesday.

The companies announced their collaboration at the 2014 HP Discover event in Las Vegas. Porticor saying it is the first company to offer customers full confidentiality for cloud data. Gilad Parann-Nissany, Porticor founder and CEO, said that when migrating data to the cloud security should be anything but an inhibitor...

See more at: http://blog.executivebiz.com/2014/06/porticor-hp-form-cloud-encryption-partnership-gilad-parann-nissany-comments/#sthash.vRFsqB1R.dpuf

Vaultive Encryption for the Cloud Enables First Global Bank to Migrate to Office 365

Grazed from Vaultive. Author: PR Announcement.

Vaultive today announced that the first global investment bank to adopt Microsoft's Office 365 service has selected Vaultive to provide the data encryption required to enable the bank to migrate its global workforce to the cloud. The bank chose Vaultive after an exhaustive 6 month competitive review, citing Vaultive's strongest level of data encryption, functionality, performance, responsiveness, and support for multiple cloud-applications.

While banks and other financial services firms have long been at the forefront of technology trends, this is not the case with cloud computing. Strict regulatory requirements, as well as security and disclosure concerns, have prevented cloud adoption. In addition, firms that operate globally are constrained from migrating to the cloud by a growing number of international data residency laws...

Why is 'bring your own encryption' (BYOE) important?

Grazed from TechTarget.  Author: James Staten.

BYOE, or bring your own encryption, is a cloud computing security model that allows cloud services customers to use their own encryption software and manage their own encryption keys. It works by allowing customers to deploy a virtualized instance of their own encryption software alongside the business application they are hosting in the cloud. The business application is configured so that all its data is processed by the encryption application, which then writes the ciphertext version of the data to the cloud service provider's physical data store

In this Ask the Expert, James Staten, an analyst at Cambridge, Mass.-based Forrester Research Inc., discusses with SearchCIO Senior Features Writer Karen Goulart why this model is important for enterprises today, the skills required to employ BYOE and when the trend will peak...