Tools that help developers to successfully deliver software

Software Configuration Management

Subscribe to Software Configuration Management: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Software Configuration Management: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

SCM Authors: Stackify Blog, Elizabeth White, Mike Raia, John Basso, Derek Weeks

Related Topics: Cloud Computing, Software Configuration Management, Secure Cloud Computing

Blog Feed Post

Cloud Encryption and Key Management for Software Vendors

The security dilemma is here to stay

(Or: If you’re an ISV running on Amazon Web Services – This one is for you…)

Over the past year, the trend of developing and delivering a software offering over a public cloud such as Amazon Web Services has grown dramatically. Software Vendors, both established and start-up companies, are using Infrastructure as a Service for its obvious advantages, such as cost effectiveness, redundancy, high availability, and probably the most dramatic effect for a software vendor – flexibility. A software vendor can make use of the IaaS provided APIs to automatically add servers, disks, backup, etc. They can start small and ramp up very quickly.

The security dilemma is here to stay

Those of you running software in the cloud are very well aware of the fact that the cloud provider will never take responsibility for your cloud implementation, which makes perfect sense if you think about it. The cloud provider’s responsibility is to secure the perimeter they provide, and the good ones are very good at it. On the other hand, everything installed by you in your cloud is under your responsibility, and when you’re providing a service to your customers, you better make sure you’ve taken appropriate measures to secure your cloud implementation, and equally important, to let your customers know you’ve done what it takes to keep them safe. But, as I’ve written in my previous blog post (Breaking the cloud encryption and key management paradigm), when it comes to security in the cloud, specifically around cloud encryption and key management in the cloud, the currently available solutions are limited and are far from satisfying the security needs of a software vendor.

Get me a cloud-enabled security solution

What are the top priority requirements for a software vendor running in the cloud? According to the ones we’re talking to it’s pretty straightforward:

  1. A cloud security solution that enables them, or in some cases, their customers, to maintain the security and privacy in their cloud account, without having to trust a third party vendor with the security elements of the solution.
  2. They need a strong, simple to install, yet highly flexible cloud-enabled security solution. A security solution that protects their customers’ information, whether it is private data, brand reputation, or intellectual property.

Although seemingly obvious, it appears many of the existing security solution providers out there fail in addressing these obvious requirements. The technology needed to really meet them – is not trivial at all…

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.