Hardware store clerk with keys

Does BYOK Mean ‘Barely Your Own Keys’?

Cloud, Compliance

3 Truths about Encryption and BYOK Many people making important decisions about data security have a fuzzy understanding of how encryption actually works. Their confusion can easily be exploited by hackers, governments, and vendors pushing incomplete solutions. That’s because, on the surface, encryption seems reasonably easy to understand with real-world analogies to keys, locks, secrets (both good and bad), and …

cloud data security in healthcare - featured image

Cloud Data Security Lessons from the Healthcare Industry

Cloud, Cloud Security, HealthCare

When it comes to data privacy, the healthcare industry is one of the most strictly regulated. It stands to reason, therefore, that the healthcare industry should be among the most conservative when it comes to adopting the cloud. Surprisingly, that is not the case. According to recent CipherCloud research, cloud adoption is pervasive across all industries, including the healthcare industry. …

Tokenization 101 - best practices for cloud

Cloud Best Practices: Tokenization 101

Best Practices, Cloud

  Encryption is inarguably critical to cloud data protection for the enterprise, as every IT decision-maker knows. But encryption cannot be the only tool in an organization’s cloud data protection toolbox. There are cases where encryption is not the solution, and for many of those cases, tokenization is the answer. Here are the facts to know about tokenization and its …

Choosing a Cloud Encryption Provider: Confidence is Key


Trust and confidence are key when it comes to choosing your information security providers, and cloud encryption is no different. Not only do you have to trust that your cloud encryption provider will handle your encryption keys appropriately—a concern you can eliminate by choosing one that hands over exclusive control of the encryption keys to you—but you must also be …

PCI Compliance Violations: The Biggest Culprit and How to Avoid Them


For any enterprise that deals with customer payment card information, compliance with PCI DSS is critical. Noncompliance can result in heavy fines, and the data breaches that noncompliance makes more likely can severely damage both a company’s brand and its bottom line. It’s to be expected, therefore, that the vast majority of companies subject to PCI DSS are in compliance …

Cloud Security Tip: Data Doesn’t Sleep—Don’t Trust Encryption that’s Only “At Rest”


These days, every cloud service provider (CSP) and their mother claims to protect customer data by offering cloud encryption, oftentimes strong encryption, such as AES 256-bit cryptography. CSPs’ promises of data privacy are reassuring, and customers might be misled to think that since their CSPs already offer encryption, there’s no real need to add any more, particularly if adding more …