Register | Login
Advertising
Register
Login
Most-Viewed Articles
New Articles
Publishing Log
Top Publishers
Top-Rated Authors
Top Searches
Trending Articles
Trending Searches
Animals
Arts
Business
Computers
Education
Finance
Games
Health
Home
Internet
News
Recreation
Science
Shopping
Society
Sports
Technology

Cloud Security Questioned After Heartbleed Bug

Posted by skyhighnetworks on April 16th, 2014

Security teams at many companies are still dealing with the aftermath of the NSA revelations from Snowden when hit with another huge blow this week. SSL, the encryption layer for the Internet, was found to have a major bug that would allow an attacker easy access to usernames, password, and encryption keys. “These allegations further question the security of all data crossing the Internet,” Adrian Sanderball, Security Analyst at Actium Consulting.

A key question for many security professionals is whether encryption technology is secure, or even if cloud security can ever be truly achieved. Encryption was seen as the ultimate tool for making sure data is secure when being transmitted online. Documents leaked by Edward Snowden shows the NSA actively worked to undermine the effectiveness of encryption in order to make data more accessible for mass surveillance of Internet traffic.

Even encryption vendor RSA was brought into the mix when it was revealed the company may have received $10 million from the US government in exchange for inserting weaknesses into encryption technology the company sold to corporate and government clients worldwide. Now, Heartbleed is calling into question SSL that is used to protect data as it’s transmitted between companies and websites.

One of the biggest barriers to large companies adopting on-demand SaaS applications is cloud security. Even with SSL, many companies feel that cloud services are not doing enough to encrypt data when stored in the application. Now that data being transferred to and from the cloud, and even encryption keys themselves are vulnerable, many security analysts are recommending companies employ cloud encryption gateways to encrypt data on premises behind the firewall before uploading to a cloud service.

By encrypting data and keeping control over the encryption keys, companies can ensure that if there’s a breach or their data is accessed by a third party, it won’t be viewed by a third party. That step, say experts, is what’s needed before the largest companies will have faith in cloud security.

Author :
Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com or follow us on Twitter@skyhighnetworks.

Like it? Share it!


skyhighnetworks

About the Author

skyhighnetworks
Joined: December 18th, 2013
Articles Posted: 85

More by this author
Trending Articles | Register | Login
Copyright © 2010-2024 Uberant.com