Cloud computing, generally explained as the usage of hardware or software as a service delivered through the Internet, the cloud, has gained a lot of interest and focus over the past years. However, according to industry analysts, the two most common concerns that companies have when considering cloud computing are data security and how to assure restricted access to information. As per Gartner, 90% of cloud users rate security as their main concern.
Although cloud providers do their best to reassure customers, they have failed to help businesses fully overcome these concerns. As a result, businesses are either forgoing using cloud computing or are building private clouds that minimize the cost and efficiency benefits.
In our mind, security should always be seen as an independent service and be leveraged as Software as a Service (SaaS). There is a need in the market to have a cloud based security framework, which can not only be easily accessed and integrated to different cloud platforms but is also pluggable to existing security back-ends. This would avoid complicated integration phases, high maintenance and reduced extensibility.
Our product "Fineo" will provide a cloud based generic security platform, which offers security services at various levels such as data, communication & user level. Different Cloud based frameworks and service providers will be able to enhance their product offerings by integrating Fineo and leveraging the security features it provides. Some of the high level features provided by Fineo are:
- Data level security e.g Encryption, Signing.
- Security token service which enables consumers to communicate securely.
- Policy based security service which enables consumers to choose the desired security level at runtime depending on their requirements and capabilities.
- Security service gateway for enterprise clouds.
- Data scanning service which includes documents, business data objects, signed emails.
- Data storage security.
- Specialized security for big data.
- Extensible and pluggable to different security back ends.
- Enabling security for smart phone Apps.
- Providing public API's which can be used by other software.