Data security is always a hot topic among IT industry pundits

Data security is always a hot topic

Data security is always a hot topic among IT industry pundits, but I believe 2013 will go down as the year security crawled out of the basement and into the cultural zeitgeist.

Edward Snowden and the NSA spying revelations may have been the biggest tech story of the year. And mass data breaches at Twitter, Facebook, Adobe and The New York Times (just to name a few) were PR nightmares that raised the profile of data security — particularly in the cloud — as a recurring topic of conversation in the boardroom.

No doubt today’s breaking news will define many of tomorrow’s innovative technologies. We’re watching these developments closely at Gazzang and continuing to evolve and enhance our solutions to meet the growing needs of enterprises in the cloud and with big data.

As we close the book on 2013, I’d like to share a few cloud security-related predictions:

  •  SaaS vendors will offer encryption keys revocable by end users. SaaS providers understand they have an obligation to protect sensitive data on behalf of their clients. I believe more cloud vendors will provide encryption, and allow their clients to control access to the encrypted data by giving them ultimate control of the keys. This includes the ability to revoke the key and render data unreadable by the SaaS vendor.
  • Vulnerability of APIs will be exposed. APIs are increasingly popular for application integration because they enable apps (and soon Internet-connected objects) to request data from each other. Yet exposing core business data and processes via APIs makes them more susceptible to hackers — increasing the risk for intrusion attacks, data theft or DOS attacks.
  • European companies migrate data from US-based cloud and SaaS providers in response to NSA Prism scandal. US-based cloud Service Providers including Google, Amazon and Microsoft account for approximately 85 percent of global markets. However, a recent Cloud Security Alliance survey of 500 respondents found that 56 percent of non-US residents were less likely to use US-based cloud providers in light of recent revelations about Government access to customer information. In response, the EU’s European Cloud Partnership is drafting a charter to promote an EU-based digital cloud service.
  • As NSA concerns fade, data privacy concerns skyrocket. Most people and organizations will realize they’re not being targeted by the NSA; however, the residual effect of the spying scandal is that data privacy will become a scorching hot topic in 2014. A recent poll shows 86 percent of U.S. Internet users have taken steps online to remove or mask their digital footprints using a variety of methods, and more than 70 percent of E.U. citizens want to have more control over how their data is used online.
  • Major trustees of consumer data, such as Google, Yahoo and Facebook begin to offer consumer-based key management services, where the provider hosts the encryption and the end-user manages the keys to their personal data. Consumer cloud storage providers tend to design systems that emphasize recoverability over security. However, as organizations like the NSA continue to snoop on citizens, cloud services face increasing pressure to up the ante in privacy protections and data security, allowing users to hold their own encryption keys and prevent access to sensitive data that might otherwise fall subject to government subpoena.

By Larry Warnock

Rakesh Soni
Multi-tenant clouds are becoming more popular than ever because they're incredibly cost effective and easy to set up. If you're considering switching your business over to a multi-tenant cloud platform, this article is for you ...
Rakesh Soni
Customer Experience: Living In A Connected World and Winning the IoT Race IoT and smart interconnected systems have already created an invisible aura of convenience, usability, and a rich user experience around us. However, when ...
Threat Security
Azure Red Hat OpenShift: What You Should Know What Is Azure Red Hat OpenShift? Red Hat OpenShift provides a Kubernetes platform for enterprises. Azure Red Hat OpenShift permits you to deploy fully-managed OpenShift clusters in ...
Derrek Schutman
Implementing Digital Capabilities Successfully Building robust digital capabilities can deliver huge benefits to Digital Service Providers (DSPs). A recent TMForum survey shows that building digital capabilities (including digitization of customer experience and operations), is the ...
Yuliya Melnik
DevOps Services Outsourcing The sooner you release your unique idea to the public, the higher the chance that it will receive the lion's share of the audience's attention. Delays in development can lead competitors to ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.