Welcome!

Microservices Expo Authors: Elizabeth White, Liz McMillan, Pat Romanski, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Containers Expo Blog, Apache, Cloud Security

@CloudExpo: Article

Gartner Highlights Cloud Data Encryption Gateways

A means to protect sensitive corporate data

By Gerry Grealish
PerspecSys Vice President of Marketing & Products

Last month Gartner Analyst Jay Heiser conducted an extremely informative and thought-provoking webinar entitled "The Current and Future State of Cloud Security, Risk and Privacy." During the presentation, Mr. Heiser highlighted what he called the "Public Cloud Risk Gap," characterized in part by inadequate processes and technologies by the cloud service providers and in part by a lack of diligence and planning by enterprises using public cloud applications. In many ways, it was a call to arms to ensure that adequate controls, thought and preparation are put to use before public clouds are adopted by enterprises and public sector organizations.

From the side of the cloud application provider, the webinar noted that most cloud service offerings are incomplete when measured against traditional "on-premise" security standards, there are relatively few security-related Service Level Agreements (SLAs), and there is minimal transparency on the security posture of most cloud services. From the enterprise side (the cloud service consumer), he points out that they frequently come to the table with inadequate planning and consideration in the area of security requirements definition and have an incomplete data sensitivity classification governing their data assets. Despite this, the webinar highlighted that organizations of all sizes are increasingly willing to place their data externally, and they are increasingly likely to have at least some formalized processes for the assessment of the associated risk - which is good news.

One approach that more and more organizations are considering is encryption of the data on the servers of the cloud provider, but three issues are identified: (1) this may cover data at rest, but what about data in transit?; (2) server-based encryption "breaks" application functionality that end users likely depend on, such as "Searching" and "Sorting" information, and; (3) who owns the encryption keys? The more parties that own the keys- the greater the risks. One of the capstone recommendations that Gartner gives viewers at the conclusion of the webinar is to ensure they protect highly sensitive information with data control technology. The good news is that technologies in this solution category are available now and are being rapidly adopted across a variety of diverse industries such as Healthcare, Manufacturing, Financial Services, Defense and Government. Gateways capable of supporting Salesforce.com encryption, Oracle encryption, SuccessFactors encryption, etc., need to be considered as part of an overall enterprise cloud security strategy.

One innovative part of this new category of solutions is referred to by Gartner as "Cloud Encryption Gateways." These gateways put sensitive data control back into the hands of the enterprise in scenarios where they are using public cloud services. When designed and deployed correctly, they are able to preserve the end user's experience with the cloud application (think of things like "Search" and "Reporting") even while securing the data being processed and stored in the cloud. These Gateways intercept sensitive data while it is still on-premise and replace it with a random tokenized or strongly encrypted value, rendering it meaningless should anyone hack the data while it is in transit, processed or stored in the cloud. If encryption is used, the enterprise controls the key. If tokenization is used, the enterprise controls the token vault. But not all gateways are created equal, so please refer to this recent paper in our Knowledge Center to make sure you ask the right questions when determining which gateway is the right fit for your specific Security, IT and End User needs.

Read the original blog entry...


PerspecSys Inc. is a leading provider of cloud data security and SaaS security solutions that remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. Based in Toronto, PerspecSys Inc. is a privately held company backed by investors that include Intel Capital and GrowthWorks.

More Stories By Gerry Grealish

Gerry Grealish is Vice President, Marketing & Products, at PerspecSys. He is responsible for defining and executing PerspecSys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, he ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its cloud-based payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Microservices Articles
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point where organizations begin to see maximum value is when they implement tight integration deploying their code to their infrastructure. Success at this level is the last barrier to at-will deployment. Storage, for instance, is more capable than where we read and write data. In his session at @DevOpsSummit at 20th Cloud Expo, Josh Atwell, a Developer Advocate for NetApp, will discuss the role and value...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term.
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the bene...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling independent service deployments. In this presentation we'll provide an overview of the tools, patterns and pain points we've seen when implementing contract testing in large development organizations.