|By David Canellos||
|May 13, 2014 11:15 AM EDT||
Last month, the Information Security Forum released their annual prediction of the top 10 information security threats they foresee for the next two years - through 2016. While I found the entire list insightful, half of the list resonated strongly with me as someone who is working with large enterprises as they wrestle with security and compliance challenges as they embark on cloud adoption. I believe this group of five predictions is particularly relevant for anyone utilizing the cloud over the next two years and I've added a few of my own thoughts on each.
1. Service Providers Become a Key Vulnerability
I find this first prediction especially valid and timely because of some recent headlines. Service providers, given the nature of their business, are a prime "aggregation" for all types of sensitive/valuable data. Cyber criminals and hackers realize this, which puts a big target on the backs of service providers. Think about it - a successful breach equals a treasure trove of coveted information from potentially multiple tenants. And the reality is that service providers acting as a central storage point for large amounts of sensitive data will continue to increase over the next two years, so the prize will only become richer. In response and in preparation, enterprises need to takes steps to protect their most sensitive and important data and decide which data they truly need to send to public cloud service providers.
2. Mobile Apps Become the Main Route for Compromise
Mobile apps, deployed on bring your own device (BYOD) technologies (tablets, cell phones, etc.) make it extremely difficult for IT departments to control where and how their sensitive data is accessed and by whom. BYOD means many heavily used employee devices will be actively in use and the reality is that this equipment does not have the same security in place as corporate owned devices. This, when combined with the proliferation of cloud applications (used for both personal and business), creates a perfect storm for compromising corporate data. Because of this scenario, IT and security should deploy security techniques that treat subsets of their data differently, with different levels of restriction and more security for the most sensitive data and Intellectual Property.
3. Encryption Fails
This is a very broad and provocative statement, as encryption use is increasing in the marketplace and many enterprises are becoming dependent on it for some of their data security needs. If someone asked me if this statement is true - Will encryption fail? - I would have to say that - Yes, some encryption will fail. That's because not all encryption is created equal. Enterprises need to understand that some encryption is much stronger than others; there are differences in how the technology is deployed. At Perspecsys, we allow customers to deploy the most secure, FIPS 140-2 validated encryption techniques. We also have the enterprise maintain physical ownership of the encryption keys. Both of these points are critical for successful deployment. And we support tokenization, another security method that many in the industry find has unique strengths when compared to encryption. (More information on tokenization is available here on our website.)
4. The CEO Gets It, Now You Have to Deliver
We are now hearing that cloud security is a board-level issue, so I agree that the CEO must "get it" since the CEO reports into this group. We are now starting to see generous budgets being allocated for cloud protection and security projects and IT and security teams have more resources than in the past to help combat operational risks to the business. It's now up to the IT and security teams to find the best technology and solutions for their enterprise's unique needs.
5. Information Security Fails to Work with New Generations
This is perhaps the most critically important observation. Clearly security solutions that interfere or inhibit with the way workers need to engage with the cloud will be unsuccessful. Why? Well, because employees will always find a way to work around them. Or, in a perhaps another scenario, there will be end-user pushback and operational issues that will land in the lap of IT and Security teams, creating organizational divisiveness (e.g., "those guys are stopping me from being able to do my job") and a significant productivity hit. This is why we have done a tremendous amount of original research to figure out ways in our cloud data control gateway to remain transparent/invisible to end users, meaning they can utilize cloud applications as needed and still perform functions such as search/sort on data, even when data has been tokenized or encrypted.
I commend the authors of the piece for their predictions and foreword looking insights that will help provoke the right conversations among many enterprise IT and Security teams. It sounds like the Information Security Forum is talking to some of the same people that we talk to and undoubtedly their predictions will help organizations think about how to improve and solidify their corporate IT and Security policies over the next couple years.
Perspecsys Inc. is a leading provider of cloud data tokenization and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like Perspecsys remove the technical, legal and financial risks of placing sensitive company data in the cloud. Perspecsys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit perspecsys.com or follow on Twitter @perspecsys.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Architect for the Internet of Things and Intelligent Systems, described how to revolutionize your archit...
Jul. 7, 2015 11:30 AM EDT Reads: 745
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company helps mid-market firms built on IBM hardware platforms to deploy new levels of reliable and cost-effective computing and high availability solutions, leveraging the cloud and the benefits of Infrastructure-as-a-Service (IaaS...
Jul. 7, 2015 11:00 AM EDT Reads: 850
In his General Session at 16th Cloud Expo, David Shacochis, host of The Hybrid IT Files podcast and Vice President at CenturyLink, investigated three key trends of the “gigabit economy" though the story of a Fortune 500 communications company in transformation. Narrating how multi-modal hybrid IT, service automation, and agile delivery all intersect, he will cover the role of storytelling and empathy in achieving strategic alignment between the enterprise and its information technology.
Jul. 7, 2015 11:00 AM EDT Reads: 1,693
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
Jul. 7, 2015 11:00 AM EDT Reads: 771
Connected things, systems and people can provide information to other things, systems and people and initiate actions for each other that result in new service possibilities. By taking a look at the impact of Internet of Things when it transitions to a highly connected services marketplace we can understand how connecting the right “things” and leveraging the right partners can provide enormous impact to your business’ growth and success. In her general session at @ThingsExpo, Esmeralda Swartz, VP, Marketing Enterprise and Cloud at Ericsson, discussed how this exciting emergence of layers of...
Jul. 7, 2015 10:45 AM EDT Reads: 1,323
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures traffic gets delivered faster, safer, and more reliably than ever.
Jul. 7, 2015 10:30 AM EDT Reads: 1,583
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
Jul. 7, 2015 10:30 AM EDT Reads: 732
SYS-CON Events announced today that CommVault has been named “Bronze Sponsor” of SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. A singular vision – a belief in a better way to address current and future data management needs – guides CommVault in the development of Singular Information Management® solutions for high-performance data protection, universal availability and simplified management of data on complex storage networks. CommVault's exclusive single-platform architecture gives companies unp...
Jul. 7, 2015 09:45 AM EDT Reads: 1,518
"We have a tagline - "Power in the API Economy." What that means is everything that is built in applications and connected applications is done through APIs," explained Roberto Medrano, Executive Vice President at Akana, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 7, 2015 09:00 AM EDT Reads: 623
Internet of Things is moving from being a hype to a reality. Experts estimate that internet connected cars will grow to 152 million, while over 100 million internet connected wireless light bulbs and lamps will be operational by 2020. These and many other intriguing statistics highlight the importance of Internet powered devices and how market penetration is going to multiply many times over in the next few years.
Jul. 7, 2015 09:00 AM EDT Reads: 1,215
SYS-CON Events announced today that Intelligent Systems Services will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Established in 1994, Intelligent Systems Services Inc. is located near Washington, DC, with representatives and partners nationwide. ISS’s well-established track record is based on the continuous pursuit of excellence in designing, implementing and supporting nationwide clients’ mission-critical systems. ISS has completed many successful projects in Healthcare, Commercial, Manu...
Jul. 7, 2015 09:00 AM EDT Reads: 647
SYS-CON Events announced today that SoftLayer, an IBM company, has been named “Gold Sponsor” of SYS-CON's 17th International Cloud Expo®, which will take place November 3–5, 2015 at the Santa Clara Convention Center in Santa Clara, CA. SoftLayer operates a global cloud infrastructure platform built for Internet scale. With a global footprint of data centers and network points of presence, SoftLayer provides infrastructure as a service to leading-edge customers ranging from Web startups to global enterprises. SoftLayer’s modular architecture, full-featured API, and sophisticated automation pro...
Jul. 7, 2015 08:45 AM EDT Reads: 1,568
The basic integration architecture, as defined by ESBs, hasn’t changed for more than a decade. Most cloud integration providers still rely on an ESB architecture and their proprietary connectors. As a result, enterprise integration projects suffer from constraints of availability and reliability of these connectors that are not re-usable across other integration vendors. However, the rapid adoption of APIs and almost ubiquitous availability of APIs amongst most SaaS and Cloud applications are rapidly redefining traditional integration approaches and their reliance on proprietary connectors. ...
Jul. 7, 2015 08:15 AM EDT Reads: 601
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Among the proven benefits, DevOps is corr...
Jul. 7, 2015 08:15 AM EDT Reads: 814
SYS-CON Events announced today that WHOA.com, an ISO 27001 Certified secure cloud computing company, participated as “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which took place June 9-11, 2015, at the Javits Center in New York City, NY. WHOA.com is a leader in next-generation, ISO 27001 Certified secure cloud solutions. WHOA.com offers a comprehensive portfolio of best-in-class cloud services for business including Infrastructure as a Service (IaaS), Secure Cloud Desktop, Cloud Storage, Disaster Recovery, Integrated Applications and Security.
Jul. 7, 2015 08:00 AM EDT Reads: 630
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, will explore the IoT cloud-based platform technologies driving this change including privacy controls, data transparency and integration of real time context wi...
Jul. 7, 2015 07:15 AM EDT Reads: 612
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
Jul. 7, 2015 07:00 AM EDT Reads: 709
The enterprise market will drive IoT device adoption over the next five years. In his session at @ThingsExpo, John Greenough, an analyst at BI Intelligence, division of Business Insider, analyzed how companies will adopt IoT products and the associated cost of adopting those products. John Greenough is the lead analyst covering the Internet of Things for BI Intelligence- Business Insider’s paid research service. Numerous IoT companies have cited his analysis of the IoT. Prior to joining BI Intelligence, he worked analyzing bank technology for Corporate Insight and The Clearing House Payment...
Jul. 7, 2015 02:00 AM EDT Reads: 688
"ciqada is a combined platform of hardware modules and server products that lets people take their existing devices or new devices and lets them be accessible over the Internet for their users," noted Geoff Engelstein of ciqada, a division of Mars International, in this SYS-CON.tv interview at @ThingsExpo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 7, 2015 01:15 AM EDT Reads: 481
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the cloud and the best price/performance value available. ProfitBricks was named one of the coolest Clo...
Jul. 6, 2015 05:00 PM EDT Reads: 1,496