Cloud Infrastructure

11:15 AM
Connect Directly
RSS
E-Mail
50%
50%

Encryption, Data-Centric Approach Needed To Secure Cloud, Mobile Users

The ever-growing mobile workforce with its head in the cloud has created what seems like an endless list of IT challenges to overcome, and with anywhere, anytime access to information a necessity for many enterprises, the new IT world is having an impact on the kind of encryption enterprises need to protect their sensitive and proprietary data.

The ever-growing mobile workforce with its head in the cloud has created what seems like an endless list of IT challenges to overcome, and with anywhere, anytime access to information a necessity for many enterprises, the new IT world is having an impact on the kind of encryption enterprises need to protect their sensitive and proprietary data.

InformationWeek's "Data Encryption: Ushering In a New Era" report found that cloud and mobility are adding new challenges to security, but only 47% of 506 IT professionals that responded to a survey on data encryption stated that have mobile-device encryption has been made a priority.

Another InformationWeek survey, "Research: 2012 State of Cloud Computing," of 511 IT professionals regarding cloud computing found that 64% of enterprises using cloud services are dealing with between two and five different providers. As the number of servers and applications move into the cloud, the more the use of encryption drops off.

"The problem of mobility and cloud is it forces policies, processes and encryption technologies to have to scale to an outside device, organization, and too many more use cases," says Michael Davis, CEO of Savid Technologies and author of the report. "This usually means the governance/audit team isn't ready, the security team gets bogged down in details related to deployment, but in the end we don't see users impacted too much by encryption in these spaces as the technology is usually transparent."

All of the encryption technologies require keys, but in the case of mobile devices, the keys are usually controlled by end users when they turn on their phones, Davis explains. In that case, the user must have a lock/password screen or encryption isn't able to do its job. IT can create policies around using lock/password screens, but end users frequently ignore policies. In the case of mobile devices, it leaves potentially sensitive data open to anyone who comes into physical contact with the phone.

Of the 506 respondents to the data encryption survey, 38% said their organizations have comprehensive formal policies in place that expressly require encryption of personally identifiable information (PII) or confidential data on certain devices within their networks. They said the policies are strictly enforced. Another 38% noted that although they have policies, enforcement is limited or done on an application-by-application basis.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Cartoon
Hot Topics
9
What To Do If Your Cloud Provider Is Acquired
Andrew Froehlich, President & Lead Network Architect, West Gate Networks,  8/29/2014
7
VMware NSX Banks On Security
Marcia Savage, Managing Editor, Network Computing,  8/28/2014
6
The Rise Of White-Box Storage
Jim O'Reilly, Consultant,  8/27/2014
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed