Download - Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)
![Page 1: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/1.jpg)
MARK SILVERBERG
PROJECT
SEMESTER BYGWSB FALL 2013CLOUD ENCRYPTION GATEWAYSEXECUTIVE TECHNOLOGY PRESENTATION
![Page 2: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/2.jpg)
How can our enterprise take advantage of third-party apps that run in the cloud without compromising on security?
That’s easy! Just approve my acquisition order for a cloud
encryption gateway.
Confusion
![Page 3: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/3.jpg)
A security product that obfuscates sensitive information stored in the cloud
Cloud Encryption Gateways
What are CEGs?
Sensitive data is encrypted as it flows from a device, through the CEG proxy, and into the cloud service provider’s backend
![Page 4: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/4.jpg)
How Is That Secure?The cloud provider (such as Salesforce or Google Apps) store values that only the CEG can decrypt
![Page 5: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/5.jpg)
Key BenefitsFacilitates confidentiality
When using encryption, maintains integrity of sensitive data
Allows security-conscious organizations to adopt public/private cloud applications (SaaS) and infrastructure (IaaS) which may aid availability
Confidentiality
IntegrityAvailability
![Page 6: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/6.jpg)
Key Findings & Recommendations
Key Findings Recommendations
By definition, CEGs mustintegrate with third-party apps
Plan for ongoing supportof connectors by CEG & 3rd parties
Most CEG providers support commonand popular SaaS and IaaS offerings
Many offer to ingrate with “any app”, but additional resources may be required
Do not forget about the trade-offs ofA) the cloud and
B) encryption
A) CEG server and workforce locations will affect latency and perceived performance
!B) Might not want to encrypt all
information if you need to do calculations server-side
!CEG is an emerging technology — new and better offerings are being actively
developedEnter into short-term contracts
![Page 7: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/7.jpg)
Gartner Hype Cycle
Benefit Rating:High
Market Penetration:1-5%
Maturity: Emerging
Cloud Encryption Gateways
![Page 8: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/8.jpg)
Adoption & Implementation Strategy and Implementation Timelines
Highly interdependent on..
existing network structure (WAN/VPN/existing proxies) and size
third party integrations (Salesforce.com, GMail, etc.) must be configured
number and location of hosts (PCs, servers, mobile devices) may need to be touched
![Page 9: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/9.jpg)
Current market leader and one of the first COTSIntegrations for many offerings including Salesforce, Box, MS Office 365, Gmail, Amazon Web ServicesFocus industries: financial services and healthcarePricing:
Free trial availableFlexible, subscription based pricing model with no long-term contracts or lock-in periods - From $5 to $20 per month per user
Additional features include:Partnership with providers to offer “real-time cloud malware protection against viruses, spyware, trojans, bots, [and] rootkits”
As of 11/2013: 2 million users, 250 million records protected, 10 industries, 14 countries, 6 languages
Appears to be second to CipherCloudIntegrations include Salesforce, ServiceNow, Oracle, Amazon Web ServicesMarketing focuses on international data privacy laws and government agency/NGO requirements such as data residency and other obligationsAdditional features include:
Mail Transport Agent that “allows organizations to use email services, even when contact and other sensitive information is no longer in the cloud”
Cipher CloudCloud Data Protection Gateway by PerspecSys
Both companies follow FIPS 140-2 standards which require at least AES-256 encryption and have had dozens of millions of dollars invested in them by top venture capital firms (suggesting that this is an emerging technology offering that is not yet profitable)
![Page 10: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/10.jpg)
Risks & Competitive Advantage of Early AdoptionRisks
Maturity & Workflow/Change Managementnew and emerging technology status; not all stakeholders may be open to it
Speedencryption + decryption will always be slower than without
Vendor lock-inrelatively easy to avoid by insisting on short-term contracts
Advantages
Securely harness the cloudincludes leveraging third party SaaS/PaaS such like Salesforce, Google Apps
Ability to outsource some ITwhich can save time, money, and human resources
![Page 11: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/11.jpg)
CEG In The News
![Page 12: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/12.jpg)
SummaryCloud Encryption Gateways are a proxy between an enterprise’s secure network and the public cloud.
Sensitive data is encrypted as it flows from a device, through the CEG proxy, and into the cloud service provider’s backend
When a user needs to read the information from the cloud device, it is decrypted and presented to them
Confidentiality
IntegrityAvailability
![Page 13: Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without compromising on security)](https://reader033.vdocuments.site/reader033/viewer/2022052822/554b7394b4c90564168b52ce/html5/thumbnails/13.jpg)
Works ReferencedCipherCloud Selected As SINET 16 Innovator and Presenting Cloud Encryption Gateway At 2011 SINET Showcase.
(2011, October 11). Yahoo! Finance. Retrieved October 15, 2013, from http://finance.yahoo.com/news/CipherCloud-Selected-As-SINET-iw-514934155.html!
Cloud Protection Solutions. (2013). PerspecSys. Retrieved October 15, 2013, from http://www.perspecsys.com/perspecsys-cloud-protection-gateway/!
Data Encryption for the Cloud. (2013). CipherCloud. Retrieved October 15, 2013, from http://www.ciphercloud.com/cloud-encryption.aspx!
Heiser, J., & MacDonald, N. (2013). Hype Cycle for Cloud Security (No. G00239712) (pp. 21–22). Gartner.!
Hoffman, K. E. (2013, January). Cloud of Suspicion. SC Magazine, 24(1), 26–28. Retrieved from http://proxygw.wrlc.org/login?url=http://search.proquest.com.proxygw.wrlc.org/docview/1282079369?accountid=11243!
Navajo Systems Receives Best Security Solution at Cloud Computing World Series Awards. (2011, June 24). Retrieved October 15, 2013, from http://proxygw.wrlc.org/login?url=http://search.proquest.com/docview/873476522?accountid=11243!
Ouellet, E., & Lowans, B. (2012). Cloud Encryption: Some Assembly Required (Research Note No. G0024664). Gartner.!
PerspecSys Named as Finalist in the 4th Annual 2012 Golden Bridge Awards for Its Innovation in Cloud Data Protection. (202AD, November 23). Re. Retrieved October 2, 2013, from http://www.reuters.com/article/2012/08/23/idUS124629+23-Aug-2012+BW20120823!
The 10-Minute Guide to Cloud Encryption Gateways. (2013, April 5). CipherCloud. Retrieved from http://pages.ciphercloud.com/The10-MinuteGuidetoCloudEncryptionGateways.html!
Thank you for your time and attention