More

    Bitglass Embeds Encryption in Cloud Brokering Service

    Slide Show

    Five Reasons to Take Cloud Security More Seriously

    As a provider of cloud access brokering services, Bitglass has gained a fair amount of traction among IT organizations that need to be able to keep track of who accessed which cloud application when. Now Bitglass is extending those cloud brokering capabilities to include 256-bit AES encryption in the enterprise edition of its service.

    Bitglass CEO Nat Kausik says Bitglass pulls sensitive corporate data and an encrypted search index out of cloud applications such as Salesforce, Office 365 and Box and stores them in a private cloud. Once it is stored in that cloud, employees can search that data without the IT organization having to be concerned about who else has access to the data outside the organization.

    One of the more complicated aspects of making using of cloud applications in environments where there are a lot of compliance mandates is that many IT organizations have to vet who actually has access to sensitive data. By essentially masking that data using encryption in a private cloud, IT organizations no longer have to worry about which IT administrators working for a cloud application provider might have access to data they shouldn’t see.

    While compliance is a major headache in the age of the cloud, the secret to success is to limit who needs to see which data. The fewer people involved, the less arduous the auditing process becomes, which in turn means the IT organization can get back to doing something that adds business value to the organization.

    The alternative, of course, is to hope auditors don’t ask anything complicated about what’s happening beyond the four walls of the data center itself, a scenario that with each passing day becomes less likely to occur as auditors that get paid by the hour look for more reasons than ever to stay on the job.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles