Are public clouds really safer than private data centers?

Grazed from Fortune. Author: Tom Krazit.

You can’t blame companies with huge technology budgets for being conscious of computer security. Today, everything seems to be Internet-connected—and every day there seems to be a headline about a new data breach. Even if industry mentalities have shifted to thinking about a corporate hack as a matter of “when,” not “if,” it’s still paramount to make sure you are doing everything in your power to minimize the risk.

This defensive mindset was a big problem for the budding cloud computing industry in its early days. You want me to store my company’s most sensitive data in the same place as my competitors do? And in the same place as data from scuzzy startups I have nothing to do with? And then let a bookseller host it? No thanks!...

ISO 27018, the cloud computing privacy standard: one year on

Grazed from SiliconRepublic. Author: Editorial Staff.

Following the first anniversary of the publication of ISO 27018 – an international privacy standard governing the processing of personal data in the cloud — Mason Hayes & Curran looks at how successful the new standard has been and the challenges customers and cloud providers are facing following its adoption.

Last summer, the International Standards Organisation (ISO) and the International Electrotechnical Commission (IEC) published ISO 27018, the first privacy-specific international standard for cloud services. The new standard specifies the roles of a data controller and a data processor in maintaining the security and privacy of personally identifiable information (PII) stored in a public cloud environment...

Cloud Computing: Is your data privacy and security bulletproof?

Grazed from CloudTech. Author: Saimon Michelson.

To ensure a completely bulletproof data service, there are certain components you must own and control. At all times, you need to ensure that you’re in the driver’s seat, and that you didn’t hand over your car keys, along with your corporate data security and privacy, to someone else.

As your company's security expert, you are the one chosen to protect your organisation's data so you should invest in a system that allows you to apply your corporate policies, integrate your corporate security countermeasure systems while gaining continuous insight to your corporate user usage patterns...

Cloud Computing: Should governments be able to look at your data when it is abroad?

Grazed from The Economist. Author: Editorial Staff.

SUPPOSE FBI agents were to break into the postbox of an American company in Dublin to seize letters which might help them convict an international drug dealer. There would be general uproar, if not a transatlantic crisis. But that is essentially what the FBI wants to happen, albeit in the virtual realm: it has asked a court to order Microsoft, in its capacity as a big e-mail provider, to hand over messages from a suspect in a drugs case which are stored in a data centre in Ireland.

On September 9th an appeals court in New York will hear oral arguments on whether Microsoft has to comply. The case has many wrinkles, mainly due to the fact that the relevant American laws were written before the internet took off. In a sense, the court has to guess what lawmakers would have written into legislation if the global network had already been around...

Can California Lead on Privacy in Cloud Computing?

Grazed from  Author: Anupam Chander.

My parents grew up in a pen and paper world, where most of their writings and records were kept at home, in their offices, or with close confidantes. I grew up in a world of computers, but even my writings were mostly kept at home on hard drives and floppy disks (for today’s students, many of whom have never seen a floppy disk, a history of the floppy disk). My first writings were kept, astonishingly, on a cassette recorder, which stored what I typed on my TRS-80, a computer made by Radio Shack. That computer had a total memory of 16K, roughly 16,000 characters (not even words) of text.

My children are growing up in the cloud, where their writings and their records are being stored in remote computers. Because those computers are managed by Dropbox, Google, Microsoft, and their peers, their writings are far more secure than I ever managed when I stored my files on a floppy or a hard drive, both of which failed with remarkable regularity and maximally devastating timing...

Cloud computing in schools: privacy under threat

Grazed from ComputerWeekly. Author: David Bollero.

Schools are increasingly adopting cloud computing to take advantage of the associated flexibility and cost savings. From a budgetary standpoint, schools can achieve better value for money and improved functionality through the cloud. New pedagogical models such as the flipped classroom, which have been largely associated with massive open online courses (Moocs), are improving both teaching and learning processes.

However, this new scenario also implies substantial risks to privacy, which should be addressed to ease the transition to a digital environment. For this reason, the Spanish Data Protection Agency (AEPD) has introduced Europe's first inspection of cloud computing services in education...

Read more from the source @

MIT's Enigma: Decentralized Cloud Platform with Guaranteed Privacy

Grazed from InsideBitCoins. Author: Editorial Staff.

A pair of Bitcoin entrepreneurs and the MIT Media Lab has revealed a prototype for a system called Enigma, a decentralized cloud platform with guaranteed privacy. Enigma allows users to store, share, and analyze personal data without it being fully revealed to any party. Powered by the blockchain, Enigma aims to be a secure, multi-party computation. The team at MIT has already developed a prototype for Enigma, which is based on a highly optimized version of secure multi-party computation, guaranteed by a verifiable secret-sharing scheme. MIT Media Labs’ whitepaper says:

“For storage, we use a modified distributed hashtable for holding secret-shared data. An external blockchain is utilized as the controller of the network, manages access control, identities and serves as a tamper-proof log of events. Security deposits and fees incentivize operation, correctness and fairness of the system...

Dealing With Data Privacy in the Cloud

Grazed from CIO. Author: Paul Trotter.

Data has become a buzzword that means different things to different people, but all organisations agree that understanding customer behaviour, sales performance, and information processes can build a platform for achieving business success. However, our reliance on data and the potential pitfalls associated with managing it have given rise to the need for safeguards for the protection of information, particularly in Europe where the General Data Protection Regulation (GDPR) will soon come into force.

GDPR is designed to harmonise the current data protection regulations across EU member states, with strict data compliance stipulations and the possibility of huge financial penalties for those who breach of the rules. While the regulation doesn’t deal specifically with cloud service providers, it does have implications for organisations that use cloud services to store data...

Cloud Computing: Are privacy fears affecting the rise of wearable technology?

Grazed from ITProPortal.  Author: Nick Black.

As more wearable devices continue to enter into the market and into our lives, questions are being raised as to how vulnerable this may be making us when it comes to potential security and privacy risks.  Smartphones already have the capacity to hold a large quantity of data about us as individuals and wearable technology is likely to work in a similar way – with fitness trackers able to store information about our health, for example, or the routes taken during exercise sessions.

There have been many pieces of research that have looked into the connection between possible privacy risks and wearable technology. Rackspace Hosting, a cloud computing company, surveyed 4,000 people in the UK and US and found that 51 per cent of those who took part believed privacy was an issue when it came to the adoption of wearable technology, and 62 per cent said wearables should be regulated in some way...

Microsoft Research Unveils VC3 Cloud Workload Privacy Project

Grazed from eWeek. Author: Pedro Hernandez.

Extending its "lockbox" approach to securing data on the cloud, Microsoft's research arm today announced a new technology dubbed Verifiable Confidential Cloud Computing, or VC3. Last year, the Redmond, Wash.-based software giant announced a new process for safeguarding cloud data called a lockbox.

Encompassing a set of technologies, along with strict policies and IT practices at the company's cloud data centers, the approach essentially places customers in complete control of their data and requires that they issue their approval before even Microsoft's own administrators can access protected information...