As a provider of cloud access brokering services, Bitglass has gained a fair amount of traction among IT organizations that need to be able to keep track of who accessed which cloud application when. Now Bitglass is extending those cloud brokering capabilities to include 256-bit AES encryption in the enterprise edition of its service.
Bitglass CEO Nat Kausik says Bitglass pulls sensitive corporate data and an encrypted search index out of cloud applications such as Salesforce, Office 365 and Box and stores them in a private cloud. Once it is stored in that cloud, employees can search that data without the IT organization having to be concerned about who else has access to the data outside the organization.
One of the more complicated aspects of making using of cloud applications in environments where there are a lot of compliance mandates is that many IT organizations have to vet who actually has access to sensitive data. By essentially masking that data using encryption in a private cloud, IT organizations no longer have to worry about which IT administrators working for a cloud application provider might have access to data they shouldn’t see.
While compliance is a major headache in the age of the cloud, the secret to success is to limit who needs to see which data. The fewer people involved, the less arduous the auditing process becomes, which in turn means the IT organization can get back to doing something that adds business value to the organization.
The alternative, of course, is to hope auditors don’t ask anything complicated about what’s happening beyond the four walls of the data center itself, a scenario that with each passing day becomes less likely to occur as auditors that get paid by the hour look for more reasons than ever to stay on the job.