Kayla Matthews

The California Consumer Privacy Act: What You Should Know

The California Consumer Privacy Act GDPR or the European Union’s General Data Protection Regulation effectively altered the way that businesses interact with European citizens. It doesn’t matter whether a company is located within the boundaries of Europe or not — if it does business with
/
6 Best Practices For Increasing Security In AWS In A Zero Trust World

6 Best Practices For Increasing Security In AWS In A Zero Trust World

AWS Security Best Practices Enterprises are rapidly accelerating the pace at which they’re moving workloads to Amazon Web Services (AWS) for greater cost, scale and speed advantages. And while AWS leads all others as the enterprise public cloud platform of choice, they and all Infrastructure-as-a-Service (IaaS) providers
/

Data security is always a hot topic among IT industry pundits

Data security is always a hot topic

Data security is always a hot topic among IT industry pundits, but I believe 2013 will go down as the year security crawled out of the basement and into the cultural zeitgeist.

Edward Snowden and the NSA spying revelations may have been the biggest tech story of the year. And mass data breaches at Twitter, Facebook, Adobe and The New York Times (just to name a few) were PR nightmares that raised the profile of data security — particularly in the cloud — as a recurring topic of conversation in the boardroom.

No doubt today’s breaking news will define many of tomorrow’s innovative technologies. We’re watching these developments closely at Gazzang and continuing to evolve and enhance our solutions to meet the growing needs of enterprises in the cloud and with big data.

As we close the book on 2013, I’d like to share a few cloud security-related predictions:

  •  SaaS vendors will offer encryption keys revocable by end users. SaaS providers understand they have an obligation to protect sensitive data on behalf of their clients. I believe more cloud vendors will provide encryption, and allow their clients to control access to the encrypted data by giving them ultimate control of the keys. This includes the ability to revoke the key and render data unreadable by the SaaS vendor.
  • Vulnerability of APIs will be exposed. APIs are increasingly popular for application integration because they enable apps (and soon Internet-connected objects) to request data from each other. Yet exposing core business data and processes via APIs makes them more susceptible to hackers — increasing the risk for intrusion attacks, data theft or DOS attacks.
  • European companies migrate data from US-based cloud and SaaS providers in response to NSA Prism scandal. US-based cloud service providers including Google, Amazon and Microsoft account for approximately 85 percent of global markets. However, a recent Cloud Security Alliance survey of 500 respondents found that 56 percent of non-US residents were less likely to use US-based cloud providers in light of recent revelations about government access to customer information. In response, the EU’s European Cloud Partnership is drafting a charter to promote an EU-based digital cloud service.
  • As NSA concerns fade, data privacy concerns skyrocket. Most people and organizations will realize they’re not being targeted by the NSA; however, the residual effect of the spying scandal is that data privacy will become a scorching hot topic in 2014. A recent poll shows 86 percent of U.S. Internet users have taken steps online to remove or mask their digital footprints using a variety of methods, and more than 70 percent of E.U. citizens want to have more control over how their data is used online.
  • Major trustees of consumer data, such as Google, Yahoo and Facebook begin to offer consumer-based key management services, where the provider hosts the encryption and the end-user manages the keys to their personal data. Consumer cloud storage providers tend to design systems that emphasize recoverability over security. However, as organizations like the NSA continue to snoop on citizens, cloud services face increasing pressure to up the ante in privacy protections and data security, allowing users to hold their own encryption keys and prevent access to sensitive data that might otherwise fall subject to government subpoena.

By Larry Warnock

Larry Warnock

Larry is President & CEO at Olono

Larry is responsible for Olono's leadership, operations and strategic direction. He brings more than 30 years of operational expertise working with startups and established technology companies.

Mark Kirstein Partner Experts

BitTitan Cloud Predictions and IT Migration Trends for 2019

IT Migration Trends The beginning of a new year is an ambitious time for people and businesses. Strategic initiatives are finalized, goals are set and ...
Telehealth: Big Data and Healthcare Innovation

Telehealth: Big Data and Healthcare Innovation

Telehealth Innovation Every day, people pop their health-related questions into Google’s search field. Symptoms-related searches alone make up about 1 percent of queries in Google ...
tech

Live Real Time Hacking and Ransomware Tracking Maps Online

Ransomware Tracking Maps We've recently covered a few real time hacking maps but have decided to extend the list based on the recent ransomware activities with ...
Wired

Everyone Wants Facebook’s Libra to Be Regulated. But How?

/
Everyone from President Trump to Representative Maxine Waters (D-California) says Libra, Facebook's planned cryptocurrency, should be heavily regulated. But nobody seems to know how—including Facebook. That much was clear in ...
The Verge

The Verge – Delivery apps like DoorDash are using your tips to pay workers’ wages

/
When you order food through an app and tip the worker who delivers it, you’d be forgiven for thinking that the money you give goes directly to that person. But ...
Rackspace partner

Rackspace’s ObjectRocket Portfolio Offering Expands with Complete MongoDB Licensing

/
SAN ANTONIO – Rackspace’s ObjectRocket portfolio offering has been certified as a worldwide cloud provider of MongoDB, a leading open source general purpose database platform. With this certification, Rackspace has joined a select ...