Welcome!

Containers Expo Blog Authors: Liz McMillan, Pat Romanski, Yeshim Deniz, Elizabeth White, Zakia Bouachraoui

Blog Feed Post

Big Data Cloud Security Challenges, per the White House

cloud security best practices Cloud Security Cloud Encryption big data  big data cloud securityBDN1 Big Data Cloud Security Challenges, per the White HouseMay 1 has long been known as May Day or International Worker’s Day. In 2014, it could just as well have been dubbed Big Data Security Day. It was on May 1 that the white house released an 85-page report on big data called Seizing Opportunities, Preserving Values, discussing big data applications such as transparency into government spending (waste), helping the US economic recovery, as well as improving education and healthcare: all topics near and dear to our hearts.

The report encouraged the current administration to take expedited action with regard to pending legislation and detailed big data’s failures in protecting privacy.

Some of the pressing privacy issues as they relate to the big data report:

 

1.       Ownership of personal data

Who owns personal information? Who is trusted with personal information?

Is there a way to make sure the personal information a company has been entrusted with remains under the sole ownership of said company?

 

2.       De-identifying data is an imperfect proposition.

The report mentions the “mosaic effect, whereby personally identifiable information can be derived or inferred from datasets that do not even include personal identifiers.”

So, how can big data applications gather personal information without others being able to re-identify the de-identified?

 

3.       Don’t forget small data

Though all the buzz is around big data, the report identifies small data as the culprit for the most common privacy risks, a la defrauding personal banking information, which may not require big data, but causes big damage.

Is there a way to limit (or, dare we say: prevent) breaches like the Target credit card disaster or the Heartbleed bug?

 

4.       ePHI must be protected

Though the healthcare industry has much to gain from big data, it also has many concerns. Protected Health Information must remain private. The report claims “the privacy frameworks that currently cover information now used in health may not be well suited to address these developments or facilitate the research that drives them.”

Is there a way to reap the benefits of big data and maintain HIPAA compliance and ePHI privacy?

 

5.       What about the NSA and other snoopers?

Actually, President Obama commissioned the report in response to outrage over the NSA snooping scandal, but the report itself didn’t explore much of the agency’s protocols. It also didn’t investigate Google, Facebook, Verizon, or other possible corporates with privacy challenges.

Is there a way to limit the snooping capabilities of the NSA and others?

A Cloud Security Solution for Big Data Applications

What would report writer White House counselor, John Podesta say to a solution that addresses all five of these concerns? With homomorphic split key encryption:

  1. The company that owns the data owns the encryption key. That way, no one else can access personal data. If you consent to your medical insurance company, for example, to have your medical records, only they have access to your medical records. This technology ensures it.
  2. A big data application can gather vast amounts of information, yet its owner can easily control the encryption (and decryption) of that information as only they have the Master encryption key.
  3. Malicious hackers and unwitting insider accomplices alike are stopped when the encryption key is, itself, under lock and key.
  4. HIPAA compliance can be maintained in the cloud for big data applications.
  5. No one: not the NSA, not Google, not even a cloud provider, can access data that is encrypted with homomorphic split key encryption without the legitimate owner providing their master key.

Big data has many challenges ahead, but privacy and cloud security are solvable with new technology. Small and big organizations alike can step up to deal with the challenges big data presents and to reap the opportunities it provides.

The post Big Data Cloud Security Challenges, per the White House appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...