Over the past three months, I’ve had dozens of interesting conversations with Vormetric customers about how their data security strategies are changing as the result of business mandates around things like cloud adoption and big data. From those interactions, two things became crystal clear to me: first, it’s a whole new era in data security that makes perimeter security far less relevant, and second, enterprises are laser focused on making sure they ‘protect what matters,’ anywhere it happens to reside, whether in physical servers, in virtual environments, or in the cloud. The financial and reputation costs of a major security breaches are enormous.
When you boil it all down, there are only two types of data in the world, the kind that someone wants to steal from you — such as financial information, customer data or intellectual property— and everything else. There are strong economic incentives to migrate to the cloud, but CISOs’ #1 concern about the cloud is how to keep sensitive data secure. Experienced CISO’s recognize that there is no such thing as an unbreachable perimeter. To keep their sensitive data protected, they need to both change its state and make sure that there are well-considered policies with privileged user access controls in place.
And that goes double for government sector where stolen data can translate into lost trust of constituents, lost lives or even war. Robert Bigman, former CISO of the US Central Intelligence Agency recently held a webinar on emerging best practices and security controls that can pave the way for full adoption of cloud-based computing. The central takeaway was that solving the cloud security conundrum requires guarding data from the inside out, protecting the data inside of the operating environments. Proactive “ cryptographic shredding,” if you will, so that even if those with evil intentions do manage to get to the sensitive data, it has been rendered useless to them and the enterprise knows exactly who was trying to get that data.
The bottom line is that data has become the new currency and sensitive data must be protected or businesses and government entities face disastrous consequences. In fact, if I were to make one prediction for 2013, it would be that the rate of adoption for cloud technologies will depend almost entirely on the level of customer confidence in data security platforms like ours that are designed to protect their sensitive data from the data center to the cloud.
What do you think will help/hinder cloud adoption in 2013?