Cloud // Infrastructure as a Service
07:20 AM
Connect Directly

Why Cloud Security Beats Your Data Center

Cloud computing has developed a bad reputation for security, but it will soon provide tighter security than traditional on-premises IT. Here's why.
1 of 8

(Image: Antranias via Pixabay)

(Image: Antranias via Pixabay)

When it comes to IT security, cloud computing has established a fairly bad reputation -- and perhaps rightly so. Moving beyond traditional perimeter security into public, private, and hybrid cloud architectures stretches the capabilities of traditional security tools. It creates new security holes and blind spots that were not there previously. But cloud security is looking brighter by the day, and very soon cloud security tools will outmatch any type of non-cloud parameter security architecture.

In many ways, cloud security is gaining in strength based on a seemingly inherent weakness. Cloud service providers are in a unique position to absorb vast amounts of data. Because large clouds are geographically dispersed in data centers around the globe, they can pull in all kinds of security intelligence as data flows in and out of the cloud. This intelligence can then be used to track security threats and stop them far more quickly.

When enterprises finally embrace the idea of cloud computing, it doesn't become simply an extension of the traditional enterprise network. It becomes the central focus. End-users access the cloud through any number of different entry points, such as private WANs or the public Internet. Because the cloud is a centralized point of entry for customers, it becomes the ideal location for securing client/server communications as well as a single point of management for encryption keys.

[Read about spectacular cloud computing fails.]

Finally, as cloud computing evolves alongside software-defined technologies, it allows for end-to-end visibility from a security protection standpoint. Never before have IT security administrators had the ability to create software overlays, which virtually flatten networks so that security postures can be streamlined and easier to manage.

For years, cloud computing progressed at a faster rate than cloud security could protect it. Starting in 2015 and beyond, that gap looks to be closing. Here, we present several cloud security tools and architectures that we believe will become mainstream for enterprises that leverage cloud computing services. If you continue to be concerned with protection of sensitive data in the cloud, you have a new perspective on cloud security after considering these options.

Andrew has well over a decade of enterprise networking under his belt through his consulting practice, which specializes in enterprise network architectures and datacenter build-outs and prior experience at organizations such as State Farm Insurance, United Airlines and the ... View Full Bio

1 of 8
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
7/24/2015 | 5:28:41 PM
The Dirty Secret of Cloud Hosting Service Providers
Until the providers can disclose the magnitude of the NSA backdoors, ALL of the major cloud providers must be designated Pre-Compromised. A backdoor is a backdoor, encryption is nice but when an organization can throw 3 trillion brute forces a day at the cypher, how long will that hold up. (yeah, like tissue paper)

So why is this such an issue? It's not that the malicious elements are going to go after the NSA repository, that would suicide. Rather they want access to the big sucking portal of a back door. While man-in-the-middle intrusions are probably already covered, you can bet all kinds of data-center escalation access are high target.

But it's the NSA, What's the big deal? Read the fine print of HIPAA compiance. Lawyers with suits against the federal government can kiss attorney-client privledge goodbye.

Public cloud does have a place, a good rule of thumb is "if you would not be bothered seeing it splashed across Facebook, then cloud is good for handling that data."

*note - I am using Facebook as relative measurement of exposure, not in the litteral context.

My point is until a provider can guarantee, with full disclosure, the actual security design of it's infrastructure these discussions are moot. They are inheirently Not secure.
User Rank: Apprentice
7/22/2015 | 10:02:41 AM
Cloud Security
We at nCrypted Cloud also agree. We have several Fortune 500 customers including a Fortune 100 Health Insurance company that also agree.

The first point that I would like to make is one of Web Scale.  Dropbox has 400 million users and they add roughly 400,000 new users every day.  Their business model demands that they need to be able to let you access your data wherever you are and on any machine and keep it secure and they do it BETTER than your IT department can do it.

The real issue is that the data the companies are putting in the cloud is private, confidential or regulated.   Because we all use a combination of corporate and user owned devices in this BYOD world, we need to protect the data on the END POINTS not only in the cloud.   In order to do that securely, you need to ADD in security like nCrypted Cloud.

The second point I would like to make is that this is really about Secure Data and Secure Collaboration.

Our Secure Collaboration expertise is causing companies to realize that they need to improve ALL methods of collaborating both inside and outside of the firewall.

We recently added a new product that we call Infinite Mail to allow users to securely collaborate with anyone (inside or outside of the firewall) and continue to be the owner of the data. 

The third point that I would like to offer up is that Data Ownership is more important than ever with HIPAA and other regulatory issues facing companies and once any data leaves the firewall (Via Email or Cloud File Sharing), the recipient becomes the de facto owner of the data.

nCrypted Cloud chnages that dynamic by allowing the sender to retain ownership and be able to grant or revoke certain rights including View Only, Watermarkling, the abiliy to download and/or print and other attributes as well.

So in closing, we agree that Cloud Security IS mich better than what you currently have in house and companies are realizing that they can use the Cloud in a secure manner AND save money as well.


Ulf Mattsson
Ulf Mattsson,
User Rank: Strategist
7/21/2015 | 9:38:32 AM
Gaps looks to be closing
I agree that "For years, cloud computing progressed at a faster rate than cloud security could protect it. Starting in 2015 and beyond, that gap looks to be closing."

Gartner released the report "Simplify Operations and Compliance in the Cloud by Protecting Sensitive Data" in June 2015 that highlighted key challenges as "cloud increases the risks of noncompliance through unapproved access and data breach."

The report recommended CIOs and CISOs to address data residency and compliance issues by "applying encryption or tokenization," and to also "understand when data appears in clear text, where keys are made available and stored, and who has access to the keys."

Another recent Gartner report concluded that "Cloud Data Protection Gateways" provides a "High Benefit Rating" and "offer a way to secure sensitive enterprise data and files stored in SaaS applications".

Ulf Mattsson, CTO Protegrity
Multicloud Infrastructure & Application Management
Multicloud Infrastructure & Application Management
Enterprise cloud adoption has evolved to the point where hybrid public/private cloud designs and use of multiple providers is common. Who among us has mastered provisioning resources in different clouds; allocating the right resources to each application; assigning applications to the "best" cloud provider based on performance or reliability requirements.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of October 9, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll