Security Advisor

Cloud Providers, Vendors Stepping Up Encryption

The most recent high-profile offering comes from HP with its split-key cloud security suite.

Roughly one year after the first leaked documents supplied by former NSA Contractor Edward Snowden made it into the public, security and privacy concerns for data stored in the cloud continues to be a relevant. A recent survey by Ponemon Institute LLC found that 62 percent of respondents believe the cloud services used in their enterprises have not been fully investigated for security before deployment.

Answering the trepidation of many to trust the cloud with sensitive data, many companies including Google and Microsoft  have stepped up both the encryption in their services, along with increasing their rhetoric on committing to customer privacy. Microsoft said it will be bringing 2018-bit Private Forward Secrecy (PFS) as the default decryption for Office 365, Azure, Outlook.com and OneDrive, while Google is enabling encryption across all its services, including an encryption plugin for its Chrome Web browser.

HP also looks to ease cloud privacy concerns suite by putting the security tools in the hands of the user. Announced last week, the company's new HP Atalla solutions aims to encrypt organization data at rest, in motion and at use in cloud, mobile and on-premises environments.

"As organizations embrace the New Style of IT, protecting sensitive information as it moves within and outside the enterprise becomes more critical than ever before," said Art Gilliland, senior vice president and general manager, Enterprise Security Products, HP, in a press release. "Building on decades of leadership in information protection, we are now extending the scale and power of HP Atalla's encryption technology from the data center to the cloud -- safeguarding data regardless of where it resides." 

A part of the suite includes HP Atalla Cloud Encryption, which protects the data before it leaves the enterprise and uses a split-key encryption process to split and combines the keys during encryption. This ensures that no matter who tries to access the data in the cloud, only a portion of the encryption key would be available and unencrypting the data could not occur without the portion stored with the user.

And those portions of the key which reside with the user/enterprise can be further protected with the HP Enterprise Secure Key Manager, which is included in the Atalla suite and offers management and protection capabilities in FIPS 140-2 Level 2 validated security appliances.

Last year we asked readers if the revelations from the leaked NSA documents had you looking to boost your own cloud data encryption levels, with more than half saying the privacy concerns raised did call for an increase. Do you think HP's offering could alleviate some the burden of protecting your cloud-bound data? If you have stepped up your encryption, which solution/service are you using? Share your thoughts in the comments below or shoot me an e-mail at [email protected]

Also, we're looking to once again take the pulse of the IT community by fielding a follow-up to our cloud privacy survey from last year. Please help to contribute to a future issue article by taking our short survey.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Drops 'Solorigate' for 'Nobelium' in Ongoing SolarWinds Attack Investigations

    Microsoft this week described "three new pieces" of malware that were used in the SolarWinds Orion espionage attacks dubbed "Solorigate," although Microsoft security researches are now calling it "Nobelium."

  • Microsoft Universal Print Service Commercially Released

    Microsoft announced on Tuesday that its Universal Print service is now commercially released at the "general availability" stage worldwide.

  • Restoring a Backup to Dissimilar Hardware: 3 Things To Watch Out For

    Getting a new desktop looking and feeling like the old one used to take a long time, but modern backup applications have greatly streamlined the process. Still, there are a few things to keep in mind to avoid potential issues.

  • Black Box

    Microsoft Releases Windows Server 2022 Preview

    Microsoft announced during its Ignite event that Window Server 2022 is currently availability at the preview stage.

comments powered by Disqus