Welcome!

Containers Expo Blog Authors: Elizabeth White, Mehdi Daoudi, Pat Romanski, Liz McMillan, Automic Blog

Blog Feed Post

What’s the future for cloud security and why enterprises will be willing to outsource their security requirements

(Originally posted by Rake Narang at Info Security Products Guide)

Porticor is the leader in cloud security, delivering secure, easy to use, scalable solutions for data encryption and key management. Porticor enables companies of all sizes to keep their data safe, comply with regulatory standards, and streamline operations.

Founded in 2010 by experts in security, cloud computing and cryptography, Porticor protects critical data in public, private and hybrid clouds. Within minutes, customers can encrypt their entire data layer using proven encryption algorithms. Porticor VPD™ is built for homomorphic split-key encryption, a breakthrough technology offering the convenience of cloud-based key management without sacrificing trust.

In the following interview, Gilad Parann-Nissany, Chief Execeutive Officer of Porticor Cloud Security, discusses 1:1 with Rake Narang, Editor-in-Chief of Info Security Products Guide, the future for cloud security and why enterprises will be willing to outsource their security requirements.

Rake Narang, Editor-in-Chief: What are the top 5 issues you hear from customers regarding cloud security?

Gilad Parann-Nissany: Customers we talk to are pretty consistent, usually raising these data security concerns:

  • High Security
  • Regulatory Compliance
  • Flexible deployment & provisioning
  • Dealing with Complexity
  • Effective Key Management

There is a strong industry consensus that security, along with regulatory compliance, is the #1 barrier to adoption of cloud computing. Underlining these concerns is the need to establish trust – an organization can outsource its storage or its compute resources, but it cannot outsource confidentiality!

At the same time, companies are attracted to cloud computing for its advantages: flexibility, elasticity and the pay-as-you-go economic model. Customers in the cloud can bring up servers and storage in minutes, and they expect a security solution to provide the same high degree of automation and management.

Customers cannot accept a tradeoff between security and flexibility. They expect the security vendor to deliver the best of both worlds – a strong data security solution which does not compromise the cloud values of flexibility and elasticity. This is not an easy task.

What’s required is a solution to “all of the above”: up in minutes; pay as you go; using the strongest proven encryption algorithms; and ensuring auditability and regulatory compliance.

The needed breakthrough should mean customers’ data is always encrypted, and the master encryption keys are themselves encrypted, even when in use. Key splitting and homomorphic technologies are the secret sauce that can solve this challenge. And this creates trust.

Rake Narang: What’s the future for cloud security? Why will enterprises be willing to outsource their security requirements?

Gilad Parann-Nissany: At the highest level, the message of the cloud is freedom to focus on organizational core strengths and outsource non-core activities like purchasing servers and deployment. In the same way, it makes sense to outsource security.

Nevertheless, achieving data security in the cloud is a difficult challenge. It’s a little like having your cake and eating it; Enterprises want trust and outsourcing at the same time.

We are seeing great investment by cloud providers and security vendors, and the direction is promising. In some ways, because it allows better management and flexible control of resources, cloud computing can be more secure than traditional IT. This was recently recognized by the NSA director and U.S. Cyber Command commander, Gen. Keith Alexander.

In other ways, fundamental breakthroughs in technology are still needed. We see these coming from the fields of key-splitting technology and homomorphic encryption. If these are properly implemented, they allow you to be in the cloud without losing control, because sensitive data or keys are encrypted even when in use in the cloud, which means cloud providers cannot know them, and even security vendors never know them.

This is the kind of breakthrough that enables trust. Your “security cake” remains whole, and you still enjoy your slice of pay-as-you-go.

So the future of the cloud security industry is rosy, because it is precisely on trend: enterprises will want to outsource complexity to experts who can deliver breakthroughs, while maintaining the confidentiality of information.

Rake Narang: So focusing on cloud security, when is it possible to use classic solutions and where is it necessary to implement new solutions?

Gilad Parann-Nissany: Cloud computing is not one technology; it is the confluence of many advances in virtualization, service enablement, operations, commoditization and industrialized environments. Many well-known technologies from previous innovation rounds – continue to work in the cloud.

This is just as true in the security market, where technologies like firewalls, virtual private networks or data leak prevention – remain very relevant. With these, the right strategy for Enterprises may be evolution: this often involves taking an existing approach, deploying it in the cloud, and then – crucially – wrapping it in an API (application program interface) so that it can be automated in the cloud’s industrialized environment.

But some areas do require new solutions.

The role of encryption changes, since data is no longer between the “four walls” of the enterprise
Encryption Keys management is critical, since keys cannot be simply stored in the cloud
New cloud storage technologies, i.e. distributed data storage, require security
New data protection measures emerge, for example fragmenting data in many pieces in the cloud
Hypervisors and virtual machines are an area of ongoing research
Physical security of cloud environments is required
The community has provided useful results for hypervisor security, and the best cloud providers do a great job of physical security. Yet new technologies, such as split-key management and homomorphic encryption, have a critical role to play. This will, for the first time, enable enterprises to outsource the complexity while keeping control and confidentiality.

Company: Porticor Cloud Security
Tel Aviv, Israel

Founded in: 2010
CEO: Gilad Parann-Nissany
Products and Services: Porticor® Virtual Private Data™ system

Company’s Goals: Enable trusted cloud computing, especially by securing data at rest, for companies of all sizes. We do this by providing, for the first time, an encryption and key management system that does not expose customer data or keys to cloud or security providers, while offering the highest degree of security, the quickest and most cost-effective operations, and excellent performance.

About Gilad Parann-Nissany Gilad Parann Nissany100x133 What’s the future for cloud security and why enterprises will be willing to outsource their security requirements

A pioneer of Cloud Computing, Gilad has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business), contributed to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st – a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Data Security.

The post What’s the future for cloud security and why enterprises will be willing to outsource their security requirements appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

@ThingsExpo Stories
SYS-CON Events announced today that CAST Software will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CAST was founded more than 25 years ago to make the invisible visible. Built around the idea that even the best analytics on the market still leave blind spots for technical teams looking to deliver better software and prevent outages, CAST provides the software intelligence that matter ...
From 2013, NTT Communications has been providing cPaaS service, SkyWay. Its customer’s expectations for leveraging WebRTC technology are not only typical real-time communication use cases such as Web conference, remote education, but also IoT use cases such as remote camera monitoring, smart-glass, and robotic. Because of this, NTT Communications has numerous IoT business use-cases that its customers are developing on top of PaaS. WebRTC will lead IoT businesses to be more innovative and address...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, will introduce two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
SYS-CON Events announced today that CA Technologies has been named “Platinum Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. CA Technologies helps customers succeed in a future where every business – from apparel to energy – is being rewritten by software. From planning to development to management to security, CA creates software that fuels transformation for companies in the applic...
SYS-CON Events announced today that Pulzze Systems will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems Inc, provides the software product "The Interactor" that uniquely simplifies building IoT, Web and Smart Enterprise Solutions. It is a Silicon Valley startup funded by US government agencies, NSF and DHS to bring innovative solutions to market.
In his session at @ThingsExpo, Dr. Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, presented the findings of a series of six detailed case studies of how large corporations are implementing IoT. The session explored how IoT has improved their economic performance, had major impacts on business models and resulted in impressive ROIs. The companies covered span manufacturing and services firms. He also explored servicification, how manufacturing firms shift from se...
SYS-CON Events announced today that Elastifile will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Elastifile Cloud File System (ECFS) is software-defined data infrastructure designed for seamless and efficient management of dynamic workloads across heterogeneous environments. Elastifile provides the architecture needed to optimize your hybrid cloud environment, by facilitating efficient...
SYS-CON Events announced today that Golden Gate University will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Since 1901, non-profit Golden Gate University (GGU) has been helping adults achieve their professional goals by providing high quality, practice-based undergraduate and graduate educational programs in law, taxation, business and related professions. Many of its courses are taug...
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
SYS-CON Events announced today that Secure Channels, a cybersecurity firm, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Secure Channels, Inc. offers several products and solutions to its many clients, helping them protect critical data from being compromised and access to computer networks from the unauthorized. The company develops comprehensive data encryption security strategie...
An increasing number of companies are creating products that combine data with analytical capabilities. Running interactive queries on Big Data requires complex architectures to store and query data effectively, typically involving data streams, an choosing efficient file format/database and multiple independent systems that are tied together through custom-engineered pipelines. In his session at @BigDataExpo at @ThingsExpo, Tomer Levi, a senior software engineer at Intel’s Advanced Analytics ...
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, shared examples from a wide range of industries – including en...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. Jack Norris reviews best practices to show how companies develop, deploy, and dynamically update these applications and how this data-first...
Intelligent Automation is now one of the key business imperatives for CIOs and CISOs impacting all areas of business today. In his session at 21st Cloud Expo, Brian Boeggeman, VP Alliances & Partnerships at Ayehu, will talk about how business value is created and delivered through intelligent automation to today’s enterprises. The open ecosystem platform approach toward Intelligent Automation that Ayehu delivers to the market is core to enabling the creation of the self-driving enterprise.
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, will provide a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to ...