Where There Are Clouds, There Could Be Rain

The cloud has become increasingly popular as the default way of managing many global business applications through its simplicity and cost effectiveness. As a result an increasing volume of data is stored there. Cloud storage and transfer services are therefore becoming more and more popular as the cloud heads towards the default method of providing services

The cloud offers many advantages. For example: not needing to worry about infrastructure and 24/7 availability. The cloud could also be said to take care of backup… or does it?

The cloud offers significant business advantages, particularly by reducing overheads and costs, as well as, the need for fewer infrastructures. In theory, it also takes care of your data backup, as mentioned previously. However do you really want to leave the backup of your valuable data down to your provider? That is perhaps a question that we should leave to other experts?

I’d like to talk about other key security issues for those of us who already use or are considering the use of cloud.

Today it is possible to prevent cloud service providers access, by blocking them from the internal network. However, preventing access does not mean that the user will not use alternative methods of cloud storage in uncontrolled environments, such as home or public networks, using various browser Apps. To achieve true safety, an endpoint solution is required to prevent access. As we progress and more and more cloud services are used to store, exchange and analyze data, it will become even more difficult to prevent users from using the many cloud transfer services available, which are quick, easy and cheap to use. The need and availability will eventually overcome the more cautious approach to cloud that many businesses have at present

It is clearly becoming crucial to have a cloud security strategy. Cloud storage providers already use encrypting techniques for data-in-motion and data-at-rest, but just like backups: is it really sensible to rely only on your supplier to protect your sensitive data? How important is that data stored in the cloud? Could losing this data, or malicious insiders or outsiders having access put your company at risk? This begs the question: can you really rely only on the cloud?

One approach for a well-designed cloud data security strategy is to separate the data from the encryption keys.

The idea is quite simple. Data in the cloud becomes encrypted with a cryptographic secret that is not known by the storage provider. The cryptographic keys only belong to the owner of the data… You! The cloud has your data, but it does not have the encryption keys. The encryption keys alone, even if they are also stored in the cloud by another service provider, do not have access to the physical data.

By separating the data and the keys, only the owner of both is able to access the content.

This process makes it impossible for anyone else besides the ‘owner’ from accessing the sensitive content, making your data secure. A simple solution to what could be a complex threat.

Today there are solutions available that allow data in the cloud to be secure, but as the volume of data and the types and numbers of services expand, it will become more and more important to secure data while it is being transmitted, often from one service to another.

Previous Post
Negligence or Human Error – Primary Cause of a Data Breach
Next Post
Using the Key to Unlock Your Cloud Encryption Strategy