08-29-13 | Blog Post
Global spending on information security is expected to total $64.4 billion this year with an average annual growth rate of 8.7 percent over the next four years, according to Lawrence Pingree, research director at Gartner, as reported by USAToday.com. Information security threats have increased in many industries, including the healthcare, financial, e-commerce and many other industries that handle sensitive personal data.
Most recently, numerous U.S. media outlets were hit by hackers from Syria, including the NYTimes and Twitter this week, and the Financial Times, CNN, Time and the Washington Post last week. Earlier this year, the same hackers hit the Twitter accounts of the Associated Press, causing the stock market to plunge, as reported by the NYTimes.com.
Most of the global spending was on venture capital deals for tech security firms that support cloud security applications that provide cloud encryption, monitoring, VPNs (Virtual Private Networks), malware protection and more. Security within the cloud is a major concern, but certain built-in technology and enterprise-class infrastructure can provide adequate protection for mission-critical applications and data.
Software-based encryption as an add-on can slow system processes as it uses the same processing resources as other programs, affecting the performance of other system functions. Hardware-based encryption at the drive-level can protect data at rest without affecting system performance. Data is encrypted and decrypted as it is being written to or read from a drive, allowing for minimal disruptions in performance.
So how can you take advantage of hardware-based encryption, a different encryption method than software-based cloud security software offered by vendors? Look for a cloud solution that has built-in security and offers compatible layered security services. An encrypted cloud can provide protection at the disk level, and additional security like daily log review, file integrity monitoring, vulnerability scanning and two-factor authentication for VPN access can give you the ultimate defense-in-depth solution for scalability and security.
Read more about cloud security in:
Top 5 Healthcare Cloud Security Guides
Private cloud or public? Encryption – addressable or a must-have? Cloud for email and document storage, or enterprise-class infrastructure? As HIPAA continues to evolve with the deadline of the final HIPAA omnibus rule coming up (Sept. 23), it’s a good time … Continue reading →
Ensuring Cloud Vendor Security Transparency in the Age of Data Breaches
Gartner recently released recommendations for gaining transparency into cloud software as a service (SaaS) contracts – including emphasis on annual security audits and certification by a third party to verify a cloud vendor’s operating/product security. Gartner also recommends that contracts … Continue reading →
Securing Regulated Data with a Private Cloud Infrastructure
Dr. Larry Ponemon, chairman and founder of the Ponemon Institute described how the shift of the attack surface from the mobile device is moving to unsecure places in the cloud environment with unsecure data, as reported by HealthITSecurity.com. More specifically, … Continue reading →