Cloud Computing


TMCnews Featured Article


September 20, 2010

Protecting Data in a Cloud Computing Environment

By Susan J. Campbell, TMCnet Contributing Editor


One of the most important elements of cloud computing is protecting the information or data that is stored in the cloud. When IT departments lack the intimate knowledge necessary to make good decisions regarding the identification of sensitive data, it can cost a company millions in lost revenue and legal costs.

In a recent Technology news report, the battle between encryption and tokenization was explored. As securing data in the cloud becomes an increasingly important topic, the merits of both methodologies are being considered. And, while the debate rages on over which solution is the best, the fact that protection in cloud computing is available is ultimately the good news.

In today’s business climate, it is essential that data is secure while in storage or in transit – both inherent in cloud computing. This protection is necessary in industries from retail processing to accessing personal medical records, managing financial activity to government information. Implementing the right data security method to protect sensitive information is a must.

Tokenization is a method to secure specific data by replacing it with a non-sensitive and non-descript value set. It is most common for the actual sensitive data to be stored locally in a protected location or a third-party service provider. Unauthorized access is prevented by tokens to protect information such as social security numbers, medical records, financial transactions and more.

Encryption is the process of changing the information with the use of an algorithm to ensure it is unreadable to anyone except those who possess special knowledge or a key. This method has long been used by the military and government to ensure their information does not fall into the hands of undesirable people or organizations.

When cloud computing is used, either method can apply to protect the information that is used and in the cloud. Of course, for those organizations trying to determine which method is better, questions will arise such as the security of the method and if one outshines the other. The best way to answer this question is to clearly define the objectives of the business process.

If cloud computing is posing potential benefits for the company, a clear method of protecting information is essential. It can also be an obstacle to launching a cloud computing strategy. In fact, according to Gartner (News - Alert), 85 percent of participants cited security as a factor that could inhibit them from deploying cloud-based applications.

The true winner in the debate over encryption versus tokenization solely depends on the goals of the business and how they plan on managing the security of their information. When launching a cloud computing strategy, the data not only needs to be protected, but that protection must be easily managed. When this is complete, cloud computing can be a secure success.


Susan J. Campbell is a contributing editor for TMCnet and has also written for eastbiz.com. To read more of Susan’s articles, please visit her columnist page.

Edited by Erin Monda