Axway has developed key cloud data security considerations to enable proactive control of data security as IT processes move to the cloud:
* Revisit Cloud Security Expectations - Organizations must have the same expectations for data security in the cloud as for on-premise and expect vendors to work with them to meet these expectations. Cloud security strategies to date have remained passive, largely consisting of directing organizations to ask questions of cloud providers about how they secure access to data. Moreover, cloud providers often overlook internal data security, rather focusing merely on perimeter and data center security. * Leverage On-Premise "Command and Control" " Many cloud vendors only provide vague assurances of data center perimeter security, but offer no guarantees on who can access sensitive customer data. This means enterprises must be able to extend their internal access control and data loss prevention policies to cloud applications. Key considerations include: o What type of information will be exposed in the cloud? Who can access it and how is it segregated between unsecured parties? o Who has rights to send and receive sensitive information outside the organization? o What data should be prevented from leaving the organization to begin with? o How should data be sent? In the clear? Or with policies to encrypt specific data? * Consider 'Private Cloud' Models " Multi-tenant cloud applications can be inexpensive but do not assure the segregation of data, or the visibility required for corporate governance and regulatory compliance. Private, single tenant applications in the cloud can still offer many of the advantages of cloud computing, while limiting the security risk.
"Enterprises have spent years establishing effective internal security, but the rapid shift to cloud-based applications raises many challenges," said Taher Elgamal, chief security officer at Axway. "Axway is leading the industry's thinking on extending on-premise data security controls to the cloud, enabling enterprises to rest easier as their business interaction networks move to take advantage of cloud computing's advantages."
For more information about Axway's cloud-based offerings, visit: http://www.axway.com/products-solutions/delivery/hosted/saas.
For details about Axway at RSA, visit: http://www.axway.com/rsa.
Follow Axway on Twitter: http://twitter.com/Axway.
Axway is the Business Interaction Networks company — the only provider in the market today to manage, run, secure, and monitor all of your business interactions, including email, files, messaging, services, events, and processes. Serving over 11,000 organizations in more than 100 countries, Axway facilitates the multi-enterprise transactions, processes and integration that accelerate business by eliminating the barriers between vendors, customers, departments, partners and suppliers. Axway's comprehensive offerings include business-to-business integration, managed file transfer, secure email, business activity monitoring, enterprise application integration, service-oriented architecture, business process management, track & trace and identity validation solutions. Axway provides professional and managed services, as well as cloud computing and Software-as-a-Service (SaaS) offerings. Headquartered in Phoenix, Arizona, Axway's global presence spans 20 countries.
Media: SHIFT Communications Jennifer Usher, 415-591-8456 [email protected]