How to Prepare for the Coming Age of Dynamic Infrastructure

Infrastructure 2.0 Journal

Subscribe to Infrastructure 2.0 Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Infrastructure 2.0 Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Infrastructure 2.0 Authors: Kalyan Sri, Ravi Rajamiyer, Liz McMillan, Elizabeth White, Pat Romanski

Related Topics: Cloud Computing, Infrastructure On Demand, SaaS Journal, Infrastructure 2.0 Journal, Sarbanes Oxley on Ulitzer, Java in the Cloud

Blog Feed Post

Cloud providers: Adopt a cloud encryption “profit center” approach

Cloud Key Management Cloud Encryption  Cloud pros cons X250 Cloud providers: Adopt a cloud encryption “profit center” approach
I was recently involved in some interesting discussions around cloud encryption as an added value service for IaaS and DRaaS service providers.  According to the service providers we’ve talked with, data encryption is critical for compliance oriented customers, as well as for ISVs’ deploying their software as a service offering on an Infrastructure cloud. While researching cloud encryption options, cloud providers have identified two barriers around cloud encryption adoption: cost and “cloudability”.

 

Cost

Deploying a cloud encryption solution the traditional way is costly. The majority of the solutions are priced at the tens-to-hundreds thousand dollar range. Purchasing such a solution upfront is naturally a heavy capital expenditure, which forces the cloud provider to think long term only ROI (assuming a healthy business model, we’re looking at one to two years for a return on investment). But in addition to the cost expense, there’s another critical requirement not usually fulfilled with traditional encryption solutions:

Cloudability

Putting budget aside, an encryption solution for a cloud provider has different requirements. Cloud encryption key management and the ability to provide an encryption solution per customer without managing the encryption keys for him are probably the most important ones. A cloud provider should ideally never see or manage its customers’ encryption keys, yet at the same time should allow those same customers to provision an encryption solution quickly, cost effectively, and in a cloud-compelling way (i.e. without compromising cloud elasticity). Challenging? Yes. Doable? Absolutely.

Cloud Encryption using split-key management

An emerging technology such as Porticor Cloud Security resolves both cost and cloudability issues by designing its cloud encryption technology from the ground up for cloud IaaS environments. Using key-splitting technology, Porticor provides a fully virtualized key management system which does not sacrifice trust; ensuring that only the end customer can manage its encryption keys (for additional information download this white paper). As for costs – Porticor provides a monthly subscription fee per customer, enabling its partners to eliminate cloud encryption capital expenditure completely, and become a profit center from the first customer.

 

The post Cloud providers: Adopt a cloud encryption “profit center” approach appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at G.ho.st - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.