Virtualization, Cloud Computing Add Complexity to Data Protection

Lora Bentley

We've already established that data protection -- i.e., data privacy and data security -- are the primary compliance issues faced by companies that operate globally. But as attorney Janine Bowen indicated earlier this week, add cloud computing and virtualization into the mix and you add to the complexity exponentially.

 

If you'll recall, she said data protection was complicated for global companies because different countries have different requirements regarding keeping certain data private and secure. More specifically, she noted that most of the data privacy laws protect the rights of the people the data is about, not necessarily the companies that hold the data. She explained:

[Say a company has] some sort of new performance management system that is going to be globally run out of the Atlanta offices. They need to figure out how to get EU records over to Atlanta. That's when you have a problem because you've got to make sure that you get the right level of consent from the individuals whose data it is before you can move it around.

If you're storing data in the cloud, you don't want to care where data is or to whom it belongs; you just want to know "it's being handled," she said. And if you're using virtualization and the cloud... Bowen noted:Virtualization adds another layer of complexity [in that] you've got machines that are potentially being segmented and they're passing data among multiple machines in multiple geographies.

And different data protection requirements in those "multiple geographies" are going to force you to care whose data it is, where that person lives and where the data is located.

 

Understandably, doing that is not easy, but it can happen. Bowen says a good place to start is making sure your processes meet the requirements in the jurisdictions that have "an enhanced level of protection" for data.



Add Comment      Leave a comment on this blog post
Aug 1, 2009 9:10 AM Sam Gross Sam Gross  says:

The Unisys Secure Cloud is hosted with a unique security technology called Stealth, that is a new information-sharing solution that can transform the way government agencies and companies secure the flow of sensitive information internally and across organizational lines.  It is designed to create policy driven communities of interest to protect and manage the locational aspects of data storage. The Unisys Stealth Solution addresses these challenges in a new and revolutionary way. Stealth can ensure that users cannot access data outside of their assigned communities.

Data packets are proven secure through the use of certified encryption and unique bit-level splitting of the encrypted data.  The Stealth Solution is also under evaluation for Common Criteria certification for use in classified environments. The Stealth Solution insures information is encrypted in compliance with the government's FIPS 140-2 standard.

This technology might just be the game changer to address the data security challenge

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.