Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News
SYS-CON.TV
Cloud Expo & Virtualization 2009 East
PLATINUM SPONSORS:
IBM
Smarter Business Solutions Through Dynamic Infrastructure
IBM
Smarter Insights: How the CIO Becomes a Hero Again
Microsoft
Windows Azure
GOLD SPONSORS:
Appsense
Why VDI?
CA
Maximizing the Business Value of Virtualization in Enterprise and Cloud Computing Environments
ExactTarget
Messaging in the Cloud - Email, SMS and Voice
Freedom OSS
Stairway to the Cloud
Sun
Sun's Incubation Platform: Helping Startups Serve the Enterprise
POWER PANELS:
Cloud Computing & Enterprise IT: Cost & Operational Benefits
How and Why is a Flexible IT Infrastructure the Key To the Future?
Click For 2008 West
Event Webcasts
Common Gotchas: Cloud Security Problems to Avoid
For organizations looking to adopt the cloud, securing sensitive information outside the corporate perimeter isn’t as daunting

Cloud computing security can be a conundrum. The point of using the public cloud is to outsource certain infrastructure and application needs to third party providers, after all. How can you secure your data once it leaves your perimeter and your control? As puzzling as it may seem, there is hope.

Luckily for organizations looking to adopt the cloud, securing sensitive information outside the corporate perimeter isn't as daunting (or as impossible) as it may appear. Technologies exist to enable cloud computing security strong enough for companies to remain in compliance while taking full advantage of the flexibility, agility, and economies of scale of the cloud. Avoid these common pitfalls for a secure cloud experience.

Pitfall 1: Assuming that responsibility for cloud computing security rests with your CSP
If your cloud service provider is the one housing your data, then doesn't responsibility (and legal liability) rest with them when it comes to cloud computing security?

It stands to reason but isn't true. While recent revisions to data privacy regulations like HIPAA do specify that third-party contractors bear some responsibility for data security - and while CSPs take security very seriously - that doesn't shift the burden from covered entities at all. In the event of a breach of your organization's data, your organization will still be held liable and still have to make a public breach disclosure. Look for ways to retain control over the privacy and integrity of your data no matter which CSP you choose.

Pitfall 2: Not encrypting enough
Your key vulnerability lies in the public Internet connections that data has to traverse between your perimeter and your CSPs, right?

Not quite, and therefore encryption in transit isn't enough. Encryption in transit is a cloud computing security standard, of course. It protects data from would-be eavesdroppers while that data's en route from your premises to the CSPs. Data should always be encrypted in transit.

But encryption in transit is only one part of the story. Last year, the NSA's MUSCULAR program made waves when the news came out that the agency had tapped directly into Google and Yahoo internal networks in order to intercept data as it moved between their data centers. Encryption in transit wouldn't be much help there. Choose a cloud data encryption solution that will protect your data every step of the way - in transit to the cloud, at rest in the cloud, and even while in motion or in use in the cloud.

Pitfall 3: Forgetting your neighbors
As one of many customers of a public cloud provider, you're analogous to a renter in an apartment complex. Multi-tenancy can raise cloud computing security issues. Fortunately, taking steps to secure your data addresses those issues. Choose a cloud data encryption solution that gives your organization exclusive access to the encryption keys. This way, even if your data is inadvertently leaked or disclosed, no one can read it or do anything with it without your knowledge and consent.

Cloud computing security concerns can make companies hesitant to adopt the cloud, but they don't need to be. There is a solution to the data privacy challenges created by the cloud, and that solution is control. Maintain control of your data from the moment it leaves your perimeter throughout its life cycle in the cloud and maintain control of your encryption keys, and your data can remain safe no matter where it roams.

About Paige Leidig
Paige Leidig is SVP at CipherCloud. He has 20 years of experience in technology, marketing, and selling enterprise application solutions and managing trusted customer relationships. As SVP of Marketing, he is responsible for all aspects of marketing at CipherCloud. Paige was previously in the Office of the CEO at SAP, where he was responsible for leading and coordinating SAP’s acquisition and integration activities on a global basis. He has managed a number of marketing initiatives at SAP, including responsibility for all go-to-market activities for SAP’s Cloud applications portfolio. Preceding his SAP career, Paige held senior management positions with Ariba, Elance, and E*Trade.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Latest Cloud Developer Stories
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitiga...
DevOps promotes continuous improvement through a culture of collaboration. But in real terms, how do you: Integrate activities across diverse teams and services? Make objective decisions with system-wide visibility? Use feedback loops to enable learning and improvement? With tec...
"Digital transformation - what we knew about it in the past has been redefined. Automation is going to play such a huge role in that because the culture, the technology, and the business operations are being shifted now," stated Brian Boeggeman, VP of Alliances & Partnerships at ...
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery,...
"WineSOFT is a software company making proxy server software, which is widely used in the telecommunication industry or the content delivery networks or e-commerce," explained Jonathan Ahn, COO of WineSOFT, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 201...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021



SYS-CON Featured Whitepapers
ADS BY GOOGLE