Dedicated to covering high-end cloud computing
in science, industry and the datacenter
August 01, 2012
Can Service Providers Curb Privacy Concerns?
Recent cloud computing surveys share a similar tone regarding user perceptions of the technology. While enterprise managers look to cloud as a cost-savings measure, IT professionals are squeamish when it comes to moving sensitive data offsite. Indeed, privacy concerns are leading users to think twice about migrating their applications to cloud services.
Eosensa, a governance, risk and compliance advisory service provider, addresses these issues in a recent report: "Protecting Sensitive Data in the Cloud."
The authors discuss how various methods of encryption and tokenization can better secure information stored in public clouds. For example, the FIPS 140-2 spec, described by NIST as a strong encryption type, is required for products that use government encryption and is suggested for use on data stored in SaaS applications.
Tokenization is another form of data security that is aimed at answering residency issues, which arise when servers store only a portion of the data. The technique is used to reduce the scope of compliance management and auditing for SaaS applications.
Will these solutions convince potential users of cloud services that their data is safe? What about the preying eye of government?
Earlier this year, HPC in the Cloud wrote about a report published by international law firm Hogan Lovells. The study compared the laws of 10 countries in respect to government access of cloud-based data. While the US was typically considered the worst offender of data privacy, other countries had implemented similar, and in some cases, harsher tactics. These nations included the United Kingdom, Germany, France, Spain, Australia, Canada and Japan among others.
In every case, the state could require cloud service providers to disclose customer data during the course of a government investigation. They also had access to monitor electronic communications sent through a cloud provider's systems. France stood out for its power to compel encryption service providers to hand keys over to government officials.
While services like Eosensa may assist users with data encryption and compliance requirements, they cannot guarantee a risk-free environment. Their service may even lead users to experience a false sense of security, at least as far as government interception is concerned.
Encryption and tokenization are important methods to increase data privacy, but governments hold the highest authority on the matter. Without new legislation reducing the power of government access to cloud-based data, no vendor can guarantee the security of their clients' information.
Discussion
There are 0 discussion items posted.
|
Join the Discussion |
RSS Feeds
Feeds by Topic
Feeds by Content Type
Subscribe to All Content
This Week's Headlines
Most Read Features
- On the Verge of Cloud 2.0
- The Evolution of the Virtual Platform
- Overcoming the Cloud Security Barrier for Financial Services
- Research Roundup: Toward a More Efficient Cloud
- Research Roundup: Prepping Clouds for Data Influx
- Avoiding Scientific Computing Bottlenecks in the Cloud
Most Read Around the Web
- Dell Cloud Clinical Archive Hits 6 Billion
- HPC and the True Cost of Cloud
- In Support of Cloud-based Rendering
- Running Computational Fluid Dynamics in the Cloud
- Internet2 Awards Program Seeks Innovative Applications
Most Read This Just In
- OVH.com Launches North America's First Dedicated VMware Cloud Hosting
- IBM Named Diamond Sponsor of 12th International Cloud Expo
- Amazon Web Services Launches Certification Program for Cloud Computing Professionals
- Internet2 Expands NET+ with Amazon Web Services
- OpenNebula 4.0 Released
- Fujitsu Announces Vertically Integrated Virtualization and Cloud Platform
- Trend Micro Improves Cloud Security for Amazon Web Services
- Ubuntu Server 13.04 Now Available
- Cisco MDS Storage Switches Certified By Hitachi Data Systems
- High Availability IaaS Now Standard for ProfitBricks
Feature Articles
CERN, Google, and the Future of Global Science Initiatives
Large-scale, worldwide scientific initiatives rely on some cloud-based system to both coordinate efforts and manage computational efforts at peak times that cannot be contained within the combined in-house HPC resources. Last week at Google I/O, Brookhaven National Lab’s Sergey Panitkin discussed the role of the Google Compute Engine in providing computational support to ATLAS, a detector of high-energy particles at the Large Hadron Collider (LHC).
Read more...
Avoiding Scientific Computing Bottlenecks in the Cloud
Frank Ding, engineering analysis & technical computing manager at Simpson Strong-Tie, discussed the advantages of utilizing the cloud for occasional scientific computing, identified the obstacles to doing so, and proposed workarounds to some of those obstacles.
Read more...
Overcoming the Cloud Security Barrier for Financial Services
The private industry least likely to adopt public cloud services for data storage are financial institutions. Holding the most sensitive and heavily-regulated of data types, personal financial information, banks and similar institutions are mostly moving towards private cloud services – and doing so at great cost.
Read more...
Sponsored Whitepapers
Best Practices in Big Data Storage
05/10/2013 | Cleversafe, Cray, DDN, NetApp, & Panasas | From Wall Street to Hollywood, drug discovery to homeland security, companies and organizations of all sizes and stripes are coming face to face with the challenges – and opportunities – afforded by Big Data. Before anyone can utilize these extraordinary data repositories, however, they must first harness and manage their data stores, and do so utilizing technologies that underscore affordability, security, and scalability.
Exploring the Potential of Heterogeneous Computing
04/02/2012 | AMD | Developers today are just beginning to explore the potential of heterogeneous computing, but the potential for this new paradigm is huge. This brief article reviews how the technology might impact a range of application development areas, including client experiences and cloud-based data management. As platforms like OpenCL continue to evolve, the benefits of heterogeneous computing will become even more accessible. Use this quick article to jump-start your own thinking on heterogeneous computing.
Sponsored Multimedias
Newsletters
HPC Job Bank
- Executive Director ? E-iRODS Consortium
UNC-CH - RENCI - Visualization Interfaces & Applications Group Manager [Research Associate]
Texas Advanced Computing Center - Web Developer (Research Engineering/Scientist Associate III)
Texas Advanced Computing Center - Mobile Application Developer [Research Engineering/Scientist Associate III]
Texas Advanced Computing Center - Research Programmer
NCSA - Information Assurance Specialist
Secure Mission Solutions - Visit the HPCwire Job Bank
Featured Events
- May 28, 2013
- May 31, 2013
Bio-IT World Asia
Marina Sands Bay,
Singapore
- June 10, 2013
- June 13, 2013
Cloud & Big Data Expo
New York City, NY
United States
- June 16, 2013
- June 20, 2013
ISC'13
Leipzig,
Germany
.gif)
- June 17, 2013
- June 18, 2013
Forecast 2013
San Francisco, CA
United States
- June 18, 2013
- June 18, 2013
5th Annual Cloud Slam 2013 Conference & Exhibition
Santa Clara, CA
United States
- June 26, 2013
- June 27, 2013
Cloud World Forum
London,
United Kingdom
