Cyber Dialogue and Intelligence Programs Reinforce Cloud Information Protection as the New Imperative for Enterprises
Recent developments require a new approach to information protection in the brave new world of business, according to CipherCloud
SAN JOSE, Calif., June 10, 2013 /PRNewswire/ — The recent US-China cyber priorities dialogue and the revelation of the existence of the PRISM program, in which the government collects Internet and phone records on an unprecedented scale, call for a re-examination of how businesses understand and implement information protection in the cloud age.
As illustrated by the cyber discussion between Presidents Barack Obama and Xi Jinping, no quick resolution is in sight, so it is incumbent upon businesses to take action to protect their sensitive information, ranging from customer data to intellectual property.
Compounding this current cyber climate of nation-state discussions and potential surveillance is the widespread adoption of cloud computing, which adds a new dimension of concern for enterprises. These elements combine to create new imperatives for enterprise information protection.
“Today’s risk factors require a new approach to cyber defense — cloud information protection — which encompasses the interlocked relationship of data privacy, security, compliance and residency,” said Pravin Kothari, founder & CEO of CipherCloud. “Compliance mandates drive security priorities, which given organizations increasing use of the cloud, involve compliance with data privacy requirements specific to the countries where the data originates and resides.”
Following are best practices for cloud information protection that actively defends the enterprise without impeding the use of cloud applications:
Before you can protect information in the cloud, you need to know where it is and who has access to it:
- Who should have access to certain information and who should not?
- What content is sensitive, proprietary, or regulated and how can it be identified?
- Where will this data reside in the cloud and what range of regional privacy, disclosure and other laws might apply?
Encrypt - As a baseline, unbreakable code – like enterprise grade 256-bit AES – can scramble sensitive information into undecipherable gibberish to protect it from unauthorized viewers. Installing a cloud information protection platform at the network’s edge ensures any data moving to the cloud is fully protected before it leaves the organization.
Retain Keys – Keep the keys that encrypt and decipher information under the control of the user organization. This ensures that all information requests must involve the owner, even if information is stored on a third-party cloud.
Activity Monitoring – Easy to read and insightful dashboards report on all user activities to monitor out-of-compliance and potentially malicious activity.
Use operations-preserving encryption, which has solved encryption’s longstanding problem of breaking cloud application functions. This advancement enables users to search, sort and report on encrypted data in the cloud. Additionally, an open platform capable of supporting all cloud applications and integrating third-party tools provides a stable foundation for protection.
CipherCloud, the leader in cloud information protection, enables organizations to securely adopt cloud applications by overcoming data privacy, residency, security, and regulatory compliance risks. CipherCloud delivers an open platform with comprehensive security controls including encryption, tokenization, cloud data loss prevention, cloud malware detection, and activity monitoring. CipherCloud’s ground breaking technology protects sensitive information in real time, before it is sent to the cloud, while preserving application usability and functionality.
CipherCloud has experienced exceptional growth and success with over 1.2 million business users, more than 100 million customer records, in over 10 industries, and with marquee customers around the globe, including North America, Europe, Middle East, Australia/New Zealand and the rest of the Asia-Pacific.
The CipherCloud product portfolio protects popular cloud applications out-of-the-box such as Salesforce, Force.com, Chatter, Box, Google Gmail, Microsoft Office 365, and Amazon Web Services. Additionally, CipherCloud Connect AnyApp and Database Gateway enable organizations to extend data protection to hundreds of third-party cloud and private cloud applications and databases.
CipherCloud, named as SC Magazine’s 2013 Best Product of the Year, is backed by premier venture capital firms Andreessen Horowitz, Index Ventures, and T-Venture, the venture capital arm of Deutsche Telekom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.
Director of Corporate Communications