First PRISM, Now XKeyscore, Cloud Surveillance is Wake-up Call for the Enterprise
Extensive NSA Snooping Generates Cloud Data Protection Concerns
SAN JOSE, Calif., Aug. 1, 2013 /PRNewswire/ — On the heels of PRISM, the disclosure of XKeyscore has inflamed fears for moving data into the cloud. Together, the surveillance programs have generated broad concerns from privacy watchdogs about the sanctity of securing personal information and calls from EU regulators for limiting data to national boundaries and suspending the long accepted notion of safe harbor.
This backlash is understandable. But, does this mean that businesses should pull back, and stop using the cloud and rebuild the on-premise infrastructure they have been dismantled over the last few years? On the cloud providers’ side, should they break up the World Wide Web into walled gardens hemmed in by national boundaries?
These recent revelations of these surveillance programs, and undoubtedly there will be more of them, reinforce how important cloud information protection is the new imperative for enterprises.
“Whether we’re talking about PRISM, XKeyscore or the next cyber surveillance program to be unveiled by Snowden, the takeaway for businesses all over the world is clear. It is no longer safe to leave sensitive data in the clear, naked and undefended,” said Paige Leidig, senior vice president, CipherCloud. “Because the watchers are omnipotent, the only sensible way to clothe and defend data is through unbreakable encryption that scrambles information into gibberish.”
XKeyscore, PRISM and whatever surveillance program that next leaks out are reminders that the Internet is like a busy public street. Ensuring protection for data in the cloud requires enterprises confront the realities of a ubiquitous surveillance environment by taking proactive steps to fully defend that data from exposure.
Before you can protect information in the cloud, you need to know where it is and who has access to it:
- Who should have access to certain information and who should not?
- What content is sensitive, proprietary, or regulated and how can it be identified?
- Where will this data reside in the cloud and what range of regional privacy, disclosure and other laws might apply?
- Encrypt – As a baseline, unbreakable code – like AES-256 – can scramble sensitive information into undecipherable gibberish to protect it from unauthorized viewers. Installing a cloud information protection platform at the network’s edge ensures any data moving to the cloud is fully protected before it leaves the organization.
- Retain Keys – Keep the keys that encrypt and decipher information under the control of the user organization. This ensures that all information requests must involve the owner, even if information is stored on a third-party cloud.
- Cloud Data Loss Prevention (DLP) – Customize DLP policies to scan, detect and take action to protect information according to its level of sensitivity. This provides an additional level of security and control.
- Use operations-preserving encryption, which has solved encryption’s longstanding problem of breaking cloud application functions. This advancement enables users to search, sort and report on encrypted data in the cloud. Additionally, an open platform capable of supporting all cloud applications and integrating third-party tools provides a stable foundation for protection.
CipherCloud, the leader in cloud information protection, enables organizations to securely adopt cloud applications by overcoming data privacy, residency, security, and regulatory compliance risks. CipherCloud delivers an open platform with comprehensive security controls including encryption, tokenization, cloud data loss prevention, cloud malware detection, and activity monitoring. CipherCloud’s ground breaking technology protects sensitive information in real time, before it is sent to the cloud, while preserving application usability and functionality.
CipherCloud has experienced exceptional growth and success with over 1.2 million business users, more than 100 million customer records, in over 10 industries, and with marquee customers around the globe.
The CipherCloud product portfolio protects popular cloud applications out-of-the-box such as Salesforce, Force.com, Chatter, Box, Google Gmail, Microsoft Office 365, and Amazon Web Services. Additionally, CipherCloud Connect AnyApp and Database Gateway enable organizations to extend data protection to hundreds of third-party cloud and private cloud applications and databases.
CipherCloud, named as SC Magazine’s 2013 Best Product of the Year, is backed by premier venture capital firms Andreessen Horowitz, Index Ventures, and T-Venture, the venture capital arm of Deutsche Telekom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.
Director of Corporate Communications