However, despite cloud computing's evolving maturity its adoption continues to face a number of challenges due to public, hybrid and community-based cloud solutions being based on an internet-based accessibility and delivery backbone - and enterprise data being stored externally.
On the flip side, cloud is often deployed (unchecked) in silos where business units, and even individuals, are using public cloud services without considering that this might leave the business vulnerable.
The argument is often that we cannot wait weeks and months for a corporate solution when we can start using a public cloud offering within hours.
The challenge, therefore, is for IT departments and/or their outsourced providers to deal with a very real factor: human nature. And rather than resisting it, why not simply provide a set of security precautions that enable the business rather than constraining it?
The same solution can enable on a broader level those companies that remain reluctant to move over to the cloud as they have inherent concerns about security, privacy and compliance with industry-based regulations.
The industry has been working very hard at offering viable security solutions and cloud encryption gateways undoubtedly fall into this category. These gateways enable companies to encrypt sensitive information as it moves beyond the enterprise boundary into the public cloud and then decrypts it again when it is accessed again internally by users.
Should data ever be compromised (copied, stolen or accessed) while under the supervision and custody of a public cloud provider, the data is in encrypted format and will be of no value to any person illegally trying to make use of it, as they can see only an encrypted depiction/version of this sensitive data.
Furthermore, cloud encryption gateways maintain the cloud application user experience - with near zero latency - and without needing to make any changes to the cloud application itself.
A cloud encryption gateway is deployed at the enterprise perimeter and, essentially, acts as a reverse proxy server that monitors all incoming and outgoing traffic between enterprise users and their cloud applications.
The encryption gateway examines all outgoing cloud requests, in near real-time to encrypt or "tokenise" the data, and then modifies the request to the cloud application.
Similarly, encrypted or "tokenised" data returning from the cloud application is converted, again in real time, into clear text (i.e., text that can be read) prior to being displayed to the end-user.
Cloud encryption gateways are becoming more prevalent, which is why it important to choose the right one. Here are a number of important features to consider:
Cloud encryption gateways undoubtedly form part of a feasible security solution for cloud computing and should be considered as part of any enterprise cloud strategy, as well as with any cloud migration or deployment to an external cloud environment.
