With the rise in cloud technology adoption, there is a lot more talk of data protection and security in the cloud. Data security fears are rampant as cloud technology is still relatively new, and is unfamiliar territory for a lot of IT departments.
Another issue concerning data stored in the cloud is compliance. Jurisdiction control over data is an issue that concerns governments globally, especially where data is stored in the US, which may be vulnerable under the patriot act.
Businesses and governments are considering the use of encryption and tokenization to deal with these issues. This allows businesses to adopt cloud technology and reap the benefits while remaining compliant.
What is the difference between tokenization and encryption?
A lot of the time, encryption and tokenization are being used interchangeably to describe the process of protecting data stored in the cloud. Although they both essentially have the same function, they are different processes and have different effects on the data they are protecting.
Tokenization substitutes a value with a random “Token” value. Each individual value has its own token assigned, so no matter when that value is inserted, the same token will appear. The token values are then stored in the cloud.
To retrieve the original value, the token value is pulled from the cloud through the company’s firewall where de-tokenization takes place. A dictionary of tokens is stored behind the firewall to replace the token value with the original value.
Encrypted data obscures the value using an approved encryption algorithm. To reveal the original value, the user needs a secret key. This makes it impossible to reveal the true value to any unauthorized user.
There are many different ways to encrypt data, including private keys, public keys, SSL, and TLS. The encrypted data is then stored in the cloud. As the data is pulled from the cloud, the user can access the true data if they can access the secret key to decipher the data.
In the past, ClaimVantage has partnered with Perspecsys to offer a flexible and configurable gateway to protect sensitive business data stored in the cloud. To learn more about protecting your data in the cloud, contact us today.