Newsletters Welcome, Guest Log In | Register
Blogs:

Lora Bentley

Governance and Risk

From regulatory compliance to corporate governance structure, everyone is involved

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

1

Virtualization, Cloud Computing Add Complexity to Data Protection

Posted by Lora Bentley Jul 31, 2009 11:45:40 AM

We've already established that data protection -- i.e., data privacy and data security -- are the primary compliance issues faced by companies that operate globally. But as attorney Janine Bowen indicated earlier this week, add cloud computing and virtualization into the mix and you add to the complexity exponentially.

 

If you'll recall, she said data protection was complicated for global companies because different countries have different requirements regarding keeping certain data private and secure. More specifically, she noted that most of the data privacy laws protect the rights of the people the data is about, not necessarily the companies that hold the data. She explained:

[Say a company has] some sort of new performance management system that is going to be globally run out of the Atlanta offices. They need to figure out how to get EU records over to Atlanta. That's when you have a problem because you've got to make sure that you get the right level of consent from the individuals whose data it is before you can move it around.

If you're storing data in the cloud, you don't want to care where data is or to whom it belongs; you just want to know "it's being handled," she said. And if you're using virtualization and the cloud... Bowen noted:Virtualization adds another layer of complexity [in that] you've got machines that are potentially being segmented and they're passing data among multiple machines in multiple geographies.

And different data protection requirements in those "multiple geographies" are going to force you to care whose data it is, where that person lives and where the data is located.

 

Understandably, doing that is not easy, but it can happen. Bowen says a good place to start is making sure your processes meet the requirements in the jurisdictions that have "an enhanced level of protection" for data.

Related Content

Add a comment Leave a comment on this blog post.
Aug 1, 2009 9:10 AM Guest Sam Gross  says:

The Unisys Secure Cloud is hosted with a unique security technology called Stealth, that is a new information-sharing solution that can transform the way government agencies and companies secure the flow of sensitive information internally and across organizational lines.  It is designed to create policy driven communities of interest to protect and manage the locational aspects of data storage. The Unisys Stealth Solution addresses these challenges in a new and revolutionary way. Stealth can ensure that users cannot access data outside of their assigned communities.

 

Data packets are proven secure through the use of certified encryption and unique bit-level splitting of the encrypted data.  The Stealth Solution is also under evaluation for Common Criteria certification for use in classified environments. The Stealth Solution insures information is encrypted in compliance with the government’s FIPS 140-2 standard.

 

This technology might just be the game changer to address the data security challenge

 
Reply

Related Content

Browse

Topic: Data Security

Enterprises have a lot to protect and layered 'defense in depth' is the best way to do it

Blog: McAfee Releases Q3 Report on Threats

Article: The Cloud Is Your Friend: Answers to Misconceptions of Cloud Computing

White Paper: Top Ten Things to Know About Data Protection

Related Topics

Cloud Computing, Europe, Legislation and Regulation, Privacy, Virtualization

Featured White Papers

Browse

Should You Install Messaging Security Software on Your Exchange Server?

This white paper discusses the detailed results of an Osterman Research survey on messaging security software and conclusions about administrators' attitudes regarding installing third-party software on the Exchange server.

Buyer's Guide for Enterprise Single Sign-On

This white paper offers a thorough checklist that should enable potential ESSO implementers to deploy the right ESSO solution, to help eliminate sign-on problems, reduce helpdesk costs, maximize user productivity, strengthen security, simplify administration and accelerate regulatory compliance.

Resource Centers

Browse

Data Loss Protection

Data-loss prevention tactics, technologies and best practices to protect your sensitive and valuable company data.

Featured Whitepapers

Realizing Enhanced Productivity and Timely ROI from Your DLP Security Technology

Tape Storage

Disaster recovery and business continuation that includes encryption, all at a manageable TCO.

Featured Whitepapers

The Truth about Tape - Nine Myths to Reconsider

Premium Tools

Browse

IT Security Manual Template

Immediately download a customizable set of documents and templates that covers every aspect of IT Security. These templates are compliant with ISO27000, HIPPAA and Sarbanes oxley standards.

Learn more >

Securing Your IT Environment

This research-driven best practices guide steps you through the entire process of securing your network and other elements of your IT environment.

Learn more >