CipherCloud has worked hard to stress the importance of cloud data security and the need for encryption and key management when utilizing the cloud for Fortune 2000 businesses, so it’s particularly gratifying when a major independent research company like Gartner Inc., issues a report that essentially agrees with nearly everything the company has been saying.
In the report “Five Cloud Data Residency Issues That Must Not Be Ignored,” Gartner analysts Brian Lowans, Neil MacDonald and Carsten Casper, warn Chief Information Security Officers and Chief Security Officers of the importance of complex security and regulatory data residency issues when enterprises plan to store data in the cloud or remote data centers.
The report acknowledges the importance of cloud computing, not only for cost savings but also for the resilience it provides for retrieving data in the face of disaster.
Some of the key issues cited, and recommendations made, in the report include:
– Differing regulations on protecting data in different countries
– National and International laws which provide authorities with access to data, which may conflict with a host country’s privacy rules
– Being aware of where cloud data is actually stored
– Understand how data residency issues affect your data storage footprint
– Only permit the key management and decryption of data by users
But as the final big issue in the report, Gartner recommends companies review their data encryption options. This includes deploying encryption solutions if there are data residency concerns for data crossing borders, ensuring that cloud service providers are not granted access to the secured data, and that keys are managed locally to comply with local privacy requirements. All of which are points CipherCloud has been stressing for some time.
And, not to put too fine a point on it, but the Gartner report lists in its evidence a specific case where CipherCloud was brought in to secure a German multibillion-dollar global consumer packaged goods company adoption of salesforce.com and its necessary access to the cloud. The firm was concerned that Germany’s strict data privacy laws would prevent access to major cloud-based applications, but with the adoption of a cloud encryption gateway solution from CipherCloud, the organization was able at securely store and use sensitive customer data using salesforce.com.
Gratifying indeed to see security being used as an enabler of good business practices, and touted by independent research.