Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Cloud Security Authors: Elizabeth White, John Katrick, Mamoon Yunus, Ravi Rajamiyer, Liz McMillan

Related Topics: Cloud Computing, Cloud Hosting & Service Providers Journal, Cloud Security Journal , Sarbanes Oxley on Ulitzer, Java in the Cloud

Blog Feed Post

Making the Cloud a Little Safer for Healthcare

How do you safely manage and store all of this data while minimizing the risk of a security breach?

We’ve touched on cloud security risks here on the Ananova blog in the past. In case you missed any of the articles, here’s a quick fact: cloud hosting is just as risky as traditional hosting. While it may seem as if it is more vulnerable to hacker attacks, that is just simply not true. It’s all in the way you store your data, and the strength of the password that protects it.

healthcare compliance solutions Cloud HIPAA  ananova Making The Cloud A Little Safer For HealthcareWhen you turn to cloud hosting for the healthcare industry, it becomes even more important to follow best practices. You don’t want the medical records, social security numbers, imaging files like x-rays and MRIs, and other confidential data to be compromised!

Security Is Key
How do you safely manage and store all of this data while minimizing the risk of a security breach? Probably the single most important step you can take in order to ensure security: encryption. This is a no-brainer. The key lies in how you encrypt that information.

You need to keep patient data safe, while at the same time maintaining regulatory compliance. That means you need to think long and hard on your strategy regarding encryption keys. Typical methods don’t really apply with cloud hosting — you are trying to cut out the data center, so making your ISP the key holder isn’t going to work here.

What Works
One idea is split-key encryption, a method normally used to encrypt smaller files. Porticor is a company that revamped the process to make it faster than before, allowing it to be used for larger files like you would find in a healthcare database.

How Does It Work?
Let’s use a doctor as an example. The doctor enters data into the system, which is encrypted, and the key to access that data is split into two. The doctor is the owner of the “master key,” the first half. The second half heads to the Porticor Key Management Service for future use.

The master key is the doctor’s, protected by homomorphic encryption. With this method, the master key is encrypted at all times. Not just in the cloud, but even when it’s being used. What’s more, each time you use the key, it is encrypted in a new way. That means that even if someone hacks in and steals the master key, it is useless. It cannot be used to access any patient files.

If that doctor wants to allow, say, the hospital access to his files, he can create a key for the hospital, which will also be split into two. The hosting provider cannot access this information at all, just the doctor and whomever he grants a key to.

This isn’t a new technique used to encrypt data, but has been historically slow and not something a business would think to rely on when data must be obtained quickly. Porticor has found a way to make this a much faster process, allowing any industry to quickly access their records in highly secure fashion.

Do you think this is a positive advancement in the healthcare industry, or do you still have doubts it is secure enough to store such sensitive data in the cloud?

The post Making The Cloud A Little Safer For Healthcare appeared first on Porticor Cloud Security.

Read the original blog entry...

More Stories By Gilad Parann-Nissany

Gilad Parann-Nissany, Founder and CEO at Porticor is a pioneer of Cloud Computing. He has built SaaS Clouds for medium and small enterprises at SAP (CTO Small Business); contributing to several SAP products and reaching more than 8 million users. Recently he has created a consumer Cloud at - a cloud operating system that delighted hundreds of thousands of users while providing browser-based and mobile access to data, people and a variety of cloud-based applications. He is now CEO of Porticor, a leader in Virtual Privacy and Cloud Security.