Translate

Thursday, November 13, 2014

Apakah Cloud perlu proteksi policy ?



Companies in all business verticals are using cloud computing and its hosted virtualized methods for supplying software applications along with data processing power and storage. This basic axiom we know to be true, so what factors are changing?
Somewhere around ten years ago it was a case of ‘cloud is a security concern’. Five years ago it was ‘maybe let’s consider cloud for some use cases’. Now as we close 2014 it is increasingly ‘cloud first’, or ‘born on the cloud’ if you will. This means that applications and data sets are being architected and structured for a hosted virtualized existence from the start.
In turn then, this means that a new operational layer has sprung up i.e. firms are exchanging cloud-based information around the world and some of it is sensitive as it comes under the purview of regulatory controls. The United Nations isn’t overseeing what we all do; the UN Department of Peacekeeping Operations (DPKO) is too busy maintaining international peace and security on the ground after all.
Nobody
Nobody ever got fired for buying an IBM cloud data privacy engine solution, yet — photo credit: Wikimedia Commons
Privacy Patent Engine
IBM is aiming to use its global breadth in this regard and help organizations keep pace with changing information regulations in terms of how customer and employee data can be moved from one country to the next. The firm’s newly announced Privacy Patent Engine claims to be able to address cross-border compliance by flagging regulation changes so companies can avoid sharing data (across both public and private clouds) that could put their business at risk.
By this use of the term ‘software engine’ the company is suggesting that it has created an operational tool to improve upon manual privacy management techniques, which are typically executed on an ad hoc basis.
According to IBM, “The ability to manage data flows between cloud data centers while remaining in accordance with organizational and local laws becomes even more imperative today. Increasingly, governments are establishing rules that regulate how data may be transmitted from one country to another.”
Solving cross-border cloud data conflicts
IBM’s tastefully named new U.S. Patent #8,695,101 is intended to aggregate international requirements for data transfers around distinct individual projects. Users can then see what restrictions have been put in place for different types of protected information when transferring it between two countries. The engine also flags any cross-border privacy issues and provides recommendations on how to resolve each based on the information the business has input into the engine. In the event that underlying privacy requirements change, the engine can be updated to reflect these rules.
“Global businesses today face significant challenges in protecting personal data and keeping up with regulations in an environment where information is moving at record speeds across borders,” said Christina Peters, chief privacy officer, IBM. “Our new invention provides a privacy technique that helps businesses navigate an increasingly complex compliance landscape of regulations to help companies avoid unknowingly sharing data that could put their business at risk.”
A clouded marketplace, that’s cloud for you
Not quite a privacy police task force for international cloud data movements then, but certainly a service of some use if the shoe fits. The trouble may be that even as large as IBM obviously is, the cloud marketplace is beleaguered with so many standards, protocols and conventions that this tool may (even if it is unfairly) be classified as yet another cloud control layer that serves to clutter the toolbox.
For 21 consecutive years, IBM has topped the list of U.S. patent recipients — but does this mean that there is a just a constant stream of re-invention to be witnessed here? Yes this is playing devil’s advocate, but perhaps we do need the UN to step in and create a level playing field for cloud standards before we go any further.