Cloud Compliance Tech Floods the Market

Grazed from American Banker. Author: Editorial Staff.

Federal agencies are starting to catch up to the risks posed by cloud computing. This is sure to stimulate compliance IT projects at financial institutions. A premium will be placed on data that’s in flight, or traveling the vulnerable path between banks and third parties.

CipherCloud , whose clients include two of the five largest U.S. banks, late this week debuted a new product called CipherCloud Connect AnyApp. The product is designed to encrypt data in transit, in use or at rest for public and private cloud applications — including infrastructure-as-as-service (IaaS), software-as-a-service (SaaS) and platform-as-a-service (PaaS). IaaS refers to the outsourcing of equipment used to support operations, such as storage and servers. PaaS refers to the leasing of operating systems, storage and network capacity over the internet. SaaS is a software distribution method in which hosted applications are delivered to firms over the web. Each of these methods involves some form of data transfer to a host, which places it under FFIEC’s guidance…

"The [FFIEC] guidance is about protecting data from criminals," says Kevin Bocek, a vice president at CipherCloud, adding that, as such, the FFIEC guidance lends itself to layered security measures such as format preserving encryption, a device long used to protect retail payments from hackers and other crooks…

Read more from the source @ http://www.americanbanker.com/issues/177_178/cloud-compliance-tech-floods-the-market-1052642-1.html