5 Cloud Security Predictions For 2014

5 Cloud Security Predictions For 2014

5 Cloud Security Predictions For 2014

Data security is always a hot topic among IT industry pundits, but I believe 2013 will go down as the year security crawled out of the basement and into the cultural zeitgeist.gazzang_image

Edward Snowden and the NSA spying revelations may have been the biggest tech story of the year. And mass data breaches at Twitter, Facebook, Adobe and The New York Times (just to name a few) were PR nightmares that raised the profile of data security — particularly in the cloud — as a recurring topic of conversation in the boardroom.

No doubt today’s breaking news will define many of tomorrow’s innovative technologies. We’re watching these developments closely at Gazzang and continuing to evolve and enhance our solutions to meet the growing needs of enterprises in the cloud and with big data.

As we close the book on 2013, I’d like to share a few cloud security-related predictions for 2014:

  •  SaaS vendors will offer encryption keys revocable by end users. SaaS providers understand they have an obligation to protect sensitive data on behalf of their clients. I believe more cloud vendors will provide encryption, and allow their clients to control access to the encrypted data by giving them ultimate control of the keys. This includes the ability to revoke the key and render data unreadable by the SaaS vendor.
  • Vulnerability of APIs will be exposed. APIs are increasingly popular for application integration because they enable apps (and soon Internet-connected objects) to request data from each other. Yet exposing core business data and processes via APIs makes them more susceptible to hackers — increasing the risk for intrusion attacks, data theft or DOS attacks.
  • European companies migrate data from US-based cloud and SaaS providers in response to NSA Prism scandal. US-based cloud service providers including Google, Amazon and Microsoft account for approximately 85 percent of global markets. However, a recent Cloud Security Alliance survey of 500 respondents found that 56 percent of non-US residents were less likely to use US-based cloud providers in light of recent revelations about government access to customer information. In response, the EU’s European Cloud Partnership is drafting a charter to promote an EU-based digital cloud service.
  • As NSA concerns fade, data privacy concerns skyrocket. Most people and organizations will realize they’re not being targeted by the NSA; however, the residual effect of the spying scandal is that data privacy will become a scorching hot topic in 2014. A recent poll shows 86 percent of U.S. Internet users have taken steps online to remove or mask their digital footprints using a variety of methods, and more than 70 percent of E.U. citizens want to have more control over how their data is used online.
  • Major trustees of consumer data, such as Google, Yahoo and Facebook begin to offer consumer-based key management services, where the provider hosts the encryption and the end-user manages the keys to their personal data. Consumer cloud storage providers tend to design systems that emphasize recoverability over security. However, as organizations like the NSA continue to snoop on citizens, cloud services face increasing pressure to up the ante in privacy protections and data security, allowing users to hold their own encryption keys and prevent access to sensitive data that might otherwise fall subject to government subpoena.

Larry_WarnockBy Larry Warnock, President & CEO/Gazzang

Larry is responsible for Gazzang’s leadership, operations and strategic direction. He brings more than 27 years of operational expertise working with startups and established technology companies to his role at Gazzang, particularly in the enterprise software, security and data center tools markets.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…

Three Tips To Simplify Governance, Risk and Compliance

Three Tips To Simplify Governance, Risk and Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In the face of such challenges they strive to perform better, be leaner, cut costs and be more efficient. Effective governance, risk and compliance (GRC) can help preserve the business’ corporate integrity and protect the brand,…

Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information Officer of the United States was announcing a major Cloud First goal. That was 2011. Five years later, as both the private and public sectors continue to adopt cloud-based software services, we’re interested in this…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…