This week, Cloud Expo West gathered thousands of cloud experts in Silicon Valley to discuss cloud and big data trends, and the current industry outlook from both a technical and strategic standpoint. I was asked to speak about cloud security – specifically, encryption solutions in the cloud.
Enterprises across the globe still place security at the higher end of their considerations when it comes to cloud computing—keeping the protection of data at the center of their security strategy. Concerns over where data is stored, how the data is secured, and who has access to the data are just some of the areas addressed by encryption technology.
Encryption, of course, refers to the conversion of data into a form that cannot be easily understood by unauthorized parties. For centuries, encryption has been used in different ways, and it has passed the test of time. During wartime, a code—or cipher—was used to keep the enemy from obtaining anything meaningful from the contents of communications should it be intercepted. Today, sophisticated algorithms are used to rearrange the data bits in digital signals.
Like all technologies, encryption isn’t one-size-fits-all. In fact, there are a few options to consider:
- Full Disk Encryption – Full disk encryption, or policy-based partial encryption of data at rest
- Database Encryption – Using database level encryption controls
- Network Encryption – Network level encryption controls
- Backup Data – Ensure the cloud vendor provides encrypting for backup data
In order to make a wise decision about which encryption solutions might work best for each situation, enterprises should consider a few things. First, the type of cloud environment, whether it is an Infrastructure-as-a-Service or a Software-as-a-Service environment will help determine the encryption method to be used. The second consideration is where encryption is needed; it could be at rest, in transit, or backup. Lastly, enterprises should consider the usability of the solution. If the encryption process is difficult to use, users will by-pass it, not use it or they will find a work around.
One of the most interesting questions I received from the audience during my session was who should be responsible to data security in the cloud. The answer to this question can be a never ending debate because it all depends on the business and the considerations mentioned above. In my experience, success cases involve businesses working together with security experts inside and outside the organization to decide on an encryption model and policies around it. No one party should make decisions in isolation as these can result in data breaches and fragmented systems.
Data security remains a hot topic in the industry and every conference brings new perspectives and interesting questions. Today’s security landscape presents several options to protect an organization’s assets and avoid data breaches, encryption being one of them. A comprehensive encryption that’s well deployed and considers different aspects of the business can lead to the ultimate reward – getting peace of mind in the cloud.
