Cloud security is a rising issue in the world of cloud computing at this time. In the recent months, many cloud computing service providers have experienced various incidences of breaches and hacks into their cloud platforms, leaving client’s private information and data insecure and prone to theft. In light of this, Transputec can enhance their Cloud Document Management – Intelefile service with features that augment their cloud services portfolio to ensure the safety of their client’s data.
Data Encryption (Transport Layer Security)
Data is the most important part of any organization. In the case of any breach in the organization’s data, the company can suffer great loss from the theft of vital information to as much as crippling of the entire organization. The key to ensure data security is the ability to move sensitive information within a cloud platform while ensuring the sensitivity of the information is preserved.
The best way for Transputec to achieve this is through offering data encryption services. The data encryption has to be done prior to the information being sent to the cloud platform. This is done upon creation of the data. Through data encryption will Transputec ensure that all the data within the cloud is comprehensively protected and all risks to potential exposures is mitigated.
Data encryption can be realized through encryption with SSL, Transport Layer Security. This ensures that all the information that is shared between the client and the server is encrypted, offering industry standard protection for all clientele data as it moves to and from the Transputec servers.
VPNs (Virtual Private Networks)/Private Cloud
Most of the high-end cloud service providers employ the use of virtual cloud services through business VPNs. Through use of the private cloud solution, Transputec can realize potential business growth areas while enhancing clientele data security through private and tailored services suited for a given client. This also allows for the clients and the enterprise at large to realize seamless cloud experience that guarantees optimum service levels and reduce proneness to breaches.
Server-Side Policies
Transputec has the potential and ability to employ policies which will restrict server access to authorised personnel. The individuals who will have access to the Transputec cloud servers will be limited in number. For example, Transputec can institute a 2 to 5 person policy that will allow only the given number to access the Transputec servers. This will not include Transputec helpdesk personnel. Furthermore, the individuals with permitted access will be bound by confidentiality agreements. This means they will be subject to discipline, including and not limited to termination and criminal prosecution, should they breach the confidentiality agreement.
All engineers with the access to Transputec Cloud servers will be required to use a two-factor authentication process at any time that they are required to access the cloud system. This will ensure that at any point that another party obtains an engineer’s access password, they still would not be able to access the system.
Furthermore, there is the potential and the possibility of instituting server-side encryption. This will also ensure that security is also maintained form the server’s side to avoid breach from within the Transputec operational base.
Through the implementation of the data encryption, private cloud services and server-side policies, Transputec can enhance the security of its servers from both ends of the clouds platform, i.e. the client-side and the server-side. This will enhance the security of the intelefile service, the data moving to and from the server and mitigate possibilities of breaches.
References
Cultured Code, 2013. Privacy and Data Encryption. [Online] Available at: http://support.culturedcode.com/customer/portal/articles/679590-privacy-and-data-encryption[Accessed 21 August 2013].
