Protecting Data in the Cloud
When it comes to cloud computing, one of the major concerns is protecting the data being stored in the cloud. IT departments often lack the knowledge necessary to make informed decisions regarding the identification of sensitive data—which can cost an enterprise millions of dollars in legal costs and lost revenue.
The battle between encryption and tokenization was explored in a recent technology report, and the merits of both are being considered as securing data in the cloud becomes more and more important. Although the debate over which solution is best continues, it is ultimately good news that protection in cloud computing is available in the first place.
It is essential that data is secure while in storage or in transit (both inherent in cloud computing) in the current business climate; the protection is necessary whether dealing with retail processing, accessing personal medical records or managing government information and financial activity. It is necessary to implement the correct security measure to protect sensitive information.
So what is tokenization? Tokenization is the process in which sensitive data is segmented into one or more pieces and replaced with non-sensitive values, or tokens, and the original data is stored encrypted elsewhere. When clients need access to the sensitive data, they typically provide the token along with authentication credentials to a service that then validates the credentials, decrypts the secure data, and provides it back to the client. Even though encryption is used, the client is never involved in either the encryption or decryption process so encryption keys are never exchanged outside the token service. Tokens protect information like medical records, social security numbers, financial transactions, etc prevent unauthorized access.
Encryption, on the other hand, is the process of changing the information using an algorithm to ensure it is unreadable to anyone expect those who possess a key or special knowledge. The military and government have been using this method for some time to make sure that their sensitive information remains in the hands of the right people and organizations.
Tokenization and encryption can be applied when using cloud computing to protect the information is used in the cloud. For organizations seeking to determine which method is a better fit for them, it is necessary to ask questions about the security of the method and whether one has more pros than the others. It is necessary in this case to clearly define the objectives of the business process as well.
A clear method of protecting information is essential if cloud computing is posing benefits for the enterprise. Conversely, this can also be an obstacle to launching a cloud computing strategy. Gartner reports that 85 percent of participants cited security as a key factor that could prevent them from launching cloud-based apps.
In conclusion, there is no clear winner in the debate over tokenization versus encryption. Rather, it depends on the goals of the business and how the company plans to manage the security of their sensitive information. The data needs to be protected in a way that is easily manageable when launching a cloud computing strategy—and it is only at this point that cloud computing can be both successful and secure. For more information regarding securing data int eh cloud via tokenization, contact a Nubifer representative today.
nubifer blogs 
It’s understandable that security is a concern when considering a Cloud Computing option, but hard to ignore the benefits of capabilities and cost savings. Microsoft publishes privacy statement and documents so you know how your data is protected. Take a look at the Cloud Computing Security Considerations document for more detail: http://smb.ms/Outreachbio03n
Regards,
Jodi E.
Microsoft SMB Outreach Team
msftoft@microsoft.com
Thanks for the informative comment Jodie.