Cloud Encryption Frustrates Government Surveillance
Posted by skyhighnetworks on April 9th, 2014
For Jeremy Lindhoff, one NSA powerpoint slide in a recent article based on materials released by whistleblower Edward Snowden caught his eye. “The diagram shows the NSA intercepting data between our datacenters, without approaching us with a court order to discover our customer’s information.”
His operations team at a large US cloud provider was tasked with identifying ways to protect their customer’s data from what they saw as rogue surveillance. Cloud Encryption, that is encrypting data as it travels between the company’s datacenters, was decided to solve the surveillance problems.
Inside the firewall, data is protected by encryption and data loss prevention policies. With more corporate data moving to the cloud, the network edge is also moving from the firewall into the cloud. Companies need more than a firewall, they need a virtual “cloud edge” to protect data wherever it goes.
The cloud encryption schemes not only protect data as it transits between datacenters, they also apply it to data stored in server farms. That way, if an attacker were to breach the network defenses and gain access to the information, it would be inaccessible and unreadable without the encryption keys to decrypt the information. In a sense, encryption is an additional layer of protection, a final defense against security breaches or third party surveillance of data as it moves around the Internet.
Their solution does not distinguish between an attacker and any unauthorized third party. “We liked the solution because it doesn’t matter if the intruder is a government agency without permission to view the data, or a cyber criminal, the data is always protected no matter if it’s stored or being moved between datacenters or between a datacenter and the customer,” said Lindhoff.
“Ultimately, every cloud provider will need to embrace a level of security that meets the needs of their customers in order to address customer fears,” says Luke Abbott, an information security analyst and advisor to corporate clients investing in technology. According to Abbott, cloud encryption is the ideal defense because it prevents surveillance, security breaches, and maintains the end user experience.
Skyhigh Networks, the Cloud Security company, enables companies to embrace Cloud Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information on Cloud Encryption, visit us at http://www.skyhighnetworks.com/cloud-encryption/ or follow us on Twitter @skyhighnetworks.