This week was very interesting for me. I have had a number of calls and meetings with people dealing with software components and architectures that will make the cloud secure.
And the most interesting observation is: actually everything is there. We as an industry could simply start doing secure clouds right away. It is of course not so much about the standard stuff that we often hear: trust into the cloud providers, their ability to deal with data privacy requirements, or multi-tenancy capabiltiies of enterprise cloud services.
No. It is actually about how to secure the data between and within cloud services. And the key to achieve this is DRM Technology. Well, it is pretty straightforward when one thinks about data storage in the cloud, obviously Information Rights Management or Enterprise DRM will take over the role of drive encryption in cloud-based models for data sharing and storing.
But what seems to be less obvious is that the same technology can in principle also be used for protecting information within applications. Note that the media industry has already addressed a number of issues, such as streaming with DRM protection or multiple copies of the data.
There is one missing piece, though, well not really a missing piece: interoperability. The formats of DRM protected information are widely different from vendor to vendor, and there are three big players again: Microsoft, Adobe and Apple. It will be interesting to see how especially the battle between to two latter will affect how the protection formats will evolve.
And as with other battles for standardization, there will be room for companies to use this missing interoperability for developing tools helping with that. i'd be curious about who will take on that challenge...