cloud Cloud Encryption Gateways What are CEGs? Sensitive data is encrypted as it flows from a device, through the CEG proxy, and into the cloud service provider’s backend
sensitive data Allows security-conscious organizations to adopt public/private cloud applications (SaaS) and infrastructure (IaaS) which may aid availability Confidentiality Integrity Availability
must integrate with third-party apps Plan for ongoing support of connectors by CEG & 3rd parties Most CEG providers support common and popular SaaS and IaaS offerings Many offer to ingrate with “any app”, but additional resources may be required Do not forget about the trade-offs of A) the cloud and B) encryption A) CEG server and workforce locations will affect latency and perceived performance ! B) Might not want to encrypt all information if you need to do calculations server-side ! CEG is an emerging technology — new and better offerings are being actively developed Enter into short-term contracts
existing network structure (WAN/ VPN/existing proxies) and size third party integrations (Salesforce.com, GMail, etc.) must be configured number and location of hosts (PCs, servers, mobile devices) may need to be touched
for many offerings including Salesforce, Box, MS Office 365, Gmail, Amazon Web Services Focus industries: financial services and healthcare Pricing: Free trial available Flexible, subscription based pricing model with no long-term contracts or lock-in periods - From $5 to $20 per month per user Additional features include: Partnership with providers to offer “real- time cloud malware protection against viruses, spyware, trojans, bots, [and] rootkits” As of 11/2013: 2 million users, 250 million records protected, 10 industries, 14 countries, 6 languages Appears to be second to CipherCloud Integrations include Salesforce, ServiceNow, Oracle, Amazon Web Services Marketing focuses on international data privacy laws and government agency/NGO requirements such as data residency and other obligations Additional features include: Mail Transport Agent that “allows organizations to use email services, even when contact and other sensitive information is no longer in the cloud” Cipher Cloud Cloud Data Protection Gateway by PerspecSys Both companies follow FIPS 140-2 standards which require at least AES-256 encryption and have had dozens of millions of dollars invested in them by top venture capital firms (suggesting that this is an emerging technology offering that is not yet profitable)
Workflow/ Change Management new and emerging technology status; not all stakeholders may be open to it Speed encryption + decryption will always be slower than without Vendor lock-in relatively easy to avoid by insisting on short-term contracts Advantages Securely harness the cloud includes leveraging third party SaaS/PaaS such like Salesforce, Google Apps Ability to outsource some IT which can save time, money, and human resources
secure network and the public cloud. Sensitive data is encrypted as it flows from a device, through the CEG proxy, and into the cloud service provider’s backend When a user needs to read the information from the cloud device, it is decrypted and presented to them Confidentiality Integrity Availability
Cloud Encryption Gateway At 2011 SINET Showcase. (2011, October 11). Yahoo! Finance. Retrieved October 15, 2013, from http://finance.yahoo.com/news/ CipherCloud-Selected-As-SINET-iw-514934155.html! Cloud Protection Solutions. (2013). PerspecSys. Retrieved October 15, 2013, from http://www.perspecsys.com/ perspecsys-cloud-protection-gateway/! Data Encryption for the Cloud. (2013). CipherCloud. Retrieved October 15, 2013, from http://www.ciphercloud.com/ cloud-encryption.aspx! Heiser, J., & MacDonald, N. (2013). Hype Cycle for Cloud Security (No. G00239712) (pp. 21–22). Gartner.! Hoffman, K. E. (2013, January). Cloud of Suspicion. SC Magazine, 24(1), 26–28. Retrieved from http:// proxygw.wrlc.org/login?url=http://search.proquest.com.proxygw.wrlc.org/docview/1282079369?accountid=11243! Navajo Systems Receives Best Security Solution at Cloud Computing World Series Awards. (2011, June 24). Retrieved October 15, 2013, from http://proxygw.wrlc.org/login?url=http://search.proquest.com/docview/ 873476522?accountid=11243! Ouellet, E., & Lowans, B. (2012). Cloud Encryption: Some Assembly Required (Research Note No. G0024664). Gartner.! PerspecSys Named as Finalist in the 4th Annual 2012 Golden Bridge Awards for Its Innovation in Cloud Data Protection. (202AD, November 23). Re. Retrieved October 2, 2013, from http://www.reuters.com/article/ 2012/08/23/idUS124629+23-Aug-2012+BW20120823! The 10-Minute Guide to Cloud Encryption Gateways. (2013, April 5). CipherCloud. Retrieved from http:// pages.ciphercloud.com/The10-MinuteGuidetoCloudEncryptionGateways.html! Thank you for your time and attention
silverberg
lyakaap
lcolladotor
bob3bob3
genomethica
sshimizu2006
olivia_0707
fuyu_quant0
shimagaji
yuyamaguchi
aronwalsh
bobfromjapan
konakalab
dougneiner
smashingmag
morganepeng
holman
kastner
schacon
eileencodes
kneath
addyosmani
jeffersonlam
caitiem20
akosma
