Discussions about cloud computing are currently ever-present in the media. This is largely due to the question of security, coming up, when sensitive data, abstracted IT infratstructure, complete software packages and program environments, adapted dynamically to demands, are made available over the network.
The center of the idea of Cloud Computing is the illusion of infinite resources, which can adapted to the current demand without delay. The required IT landscape is no longer operated by oneself but is rented. This means that relevant applications and data are no longer on a local computer or on a company data center but in the cloud. Cloud computing grants cost benefits in comparison to conventional systems and offers complex applications to companies which are otherwise unable to afford them. Last but not least it makes the employee location-independent.
The basic problem of manipulation of outsourced sensitive company data and the manipulation of user data during transfer between local client and distant server could not be solved satisfactory for a long time. The expected damage in the case of sensitive data getting into the wrong hands however can be extreme. This loss is not just a financial loss but a loss of reputation as well.
Meanwhile there is an option to transport data highly secure. Up to now at a loss of USB sticks or notebooks the finder or fraudster was able to attain the data stored on these devices with little effort. Meanwhile there are encryption technologies in selected security products preventing it. With the right technology data is secure at online banking and in mobile office. These security processes can be adopted into the cloud.
Another challenge for companies is the question: How do I secure myself against data theft or unintended data loss through employees and the resulting consequences?
An employee can copy, print or leave important data on an external pc outside of the company intentionally or by accident. Documents, once opened on a computer, are usually leaving traces which can be retrieved by third persons unauthorized. In addition trojans, worms and viruses can spy out data. The same scenario applies to data, left in the cloud.
It is all more important to have document tracing and control. This control traces the way of a sensitive document from an employee's computer to an encrypted USB device und from there to a printer or another pc in the cloud. The document control can even prevent these routes by specific configuration. This means that the employee is not able to do anything, intentionally or by accident, that can harm the company. A data safe with an unchangeable, reliable hardware protects the associated software measurably against manipulation and attacks.
What happens in the case of the loss of a notebook or USB data storage? In an ideal case the field employee can receive a new notebook and can upload the required data anew. But as notebook are not considered to be reliable data carriers, he would need to receive a data carrier from his company that, like magic, retrieves the documents from the cloud and makes it available to the employee. During the entire process neither the lost data on the old notebook or respectively the external USB device nor the data backup in the cloud, required to restore the data, should be exposed to a security risk.
Current solutions are mostly passive data carriers, which passively hide their contents and which mostly are well encrypted. However with these data carriers a company is not able to control the route of its data and who is receiving it. These products do not give answers to questions like:
- On which Cloud did I currently park my sensitive data?
- Can I trust my new employee?
- Are Viruses, worms etc. steal my data while my careless employee is surfing the internet?
- Did the printout go somewhere into the network instead of my printer?
In contrast it is favored that the active data carrier makes sure …
- That the data is secure in the cloud and from there is safely on the way to the employee and not to another person.
- That the data is not taking any uncontrollable routes , without knowledge, authorization or approval of the superior.
- That intended or unintended data loss by ignorance or Trojan or worm attack on sensitive data during work can be recognized and suppressed.
- That the loss of work equipment means no loss of sensitive data and that data can be restored in short time major difficulties.
A solution such as the active data carrier mentioned, enabling the flexibility of mobile workspace as well as the secure use of Cloud Computing, is rare but no longer utopic. Sensitized managers can equip their employees with this product; Freelancers and self-employed can acquire this solution. Mobility and flexibility is practicable and the security is guaranteed.
Kobil Systems GmbH is exhibiting at Infosecurity Europe 2010, the No. 1 industry event in Europe held on 27th – 29th April in its new venue Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit www.infosec.co.uk
KOBIL Systems, manufacturer of IT security products, in close cooperations with universities and the Fraunhofer Institute has brought products, ensuring the highest possible security, to marketability through research and development. KOBIL Systems wins the Seal of Exelence 2009. The company is a market leader and trendsetter in the production of mobile high security IT solutions in the area of digital identities. KOBIL stands for secure data, secure communication and secure authentication on every computer worldwide. Founded in 1986, the 100-strong KOBIL Group based in Worms, Germany, is the only manufacturer worldwide with a fully developed product line. As a pioneer in the area of cryptography, smart card technology and PKI (digital certificates), KOBIL's products have become today's recognized standard for digital identities and highly secure data technology. The development of the products is done in Germany with 40 percent of the staff involved in the development at the KOBIL headquarters alone. KOBIL applications comply with international standards such as EMV-CAP, ISO 7816, ISO 9001 and the German Act for Digital Signature. KOBIL products also support common technology standards making it very simple to integrate them into existing IT infrastructures. IT security solutions by KOBIL are mobile, flexible and user friendly, and are used in a variety of different industries. Businesses, banks and institutions such as Deutsche Telekom, Swisscom, RWE, T-Systems, DATEV, Commerzbank, Migros Bank, Valiant Bank, Hypothekarbank Lenzburg, Rothschild Bank, UBS, YapiKredi Bank, Isbank as well as the German parliament and the German Federal Office for Information Security (BSI) rely on technologies by KOBIL. www.kobil.com
Contact: Susanne Mey, M. A. Press Relations, KOBIL Systems GmbH, Pfortenring 11, 67547Worms, Tel: +49 (0) 6241 3004 28, Fax: +49 (0) 6241 3004 80, E-Mail:firstname.lastname@example.org, Web:www.kobil.com