|By Gilad Parann-Nissany||
|September 7, 2014 07:00 PM EDT||
Encrypting cloud storage is now in the mainstream, the accepted best practice and a business imperative. Across the world and all industries, enterprises need to encrypt cloud data to stay compliant, safe and competitive.
There are several offerings of encrypted cloud storage for enterprises. And yet, many enterprises are still doing it wrong.
Which of these pitfalls has your company fallen into?
Encrypted Cloud Storage Mistakes
1. Allowing Others to Control and Access Stored Data
Whether they do so knowingly or naively, by using a provider to encrypt data and manage encryption keys, enterprises are enabling that provider (and his employees) to access and control their data. Being that most enterprises are encrypting data that is sensitive or regulated, losing control of the encryption keys is one of the biggest, and most common mistakes.
By using split key encryption and homomorphic key management with their encrypted cloud storage, enterprises can enjoy the benefits of the cloud without compromising security.
2. Neglecting Disaster Recovery
When migrating data to the cloud, enterprises must be aware of their disaster recovery options should a failure occur. Many companies take it for granted that data stored in the cloud will always be available, but this is not always so.
If the cloud provider's data center experiences a technical failure or a natural disaster, data can become unavailable. There have actually been several such actual cases so this is no theory but a practical problem.
Take steps to ensure the right data is replicated or backed up. Today's cloud technology allows you to run replicas on physically remote data centers, achieving truly strong disaster recover capabilities at low cost. Replicated systems must also be encrypted, using the same self-controlled key management systems mentioned above. Also, go through a disaster recovery simulation to make sure that disasters are not detrimental to your enterprise.
3. Extending Compliance to Encrypted Cloud Storage
Companies in regulated industries like healthcare, financial, or legal, have an obligation to protect sensitive data, which authorities take quite seriously. This obligation is not lessened in the cloud. When using encrypted cloud storage, regulations are more easily met, which is actually one of the benefits of encryption. However, controlling the encryption keys is essential for achieving full compliance and "safe harbor" - make sure you own your encryption keys.
4. Overlooking Access Controls
Most enterprises understand the need to limit the access to certain data to individuals or role types. However, when data is stored in the cloud, those access controls need to be maintained (or replicated). If IT personnel, for example, do not have access to salary data of the entire company, it does not make sense to grant them access to the same information once it is stored in the cloud.
There are many things enterprises can do wrong: there are public relations scandals and advertising nightmares, but when it comes to information security, there is little room for error. Data is the lifeline of business and protecting it, on premise and in the cloud, is a responsibility that cannot be taken lightly.
Migrating to the cloud has many benefits. Encrypted cloud storage is a useful innovation, but to use it correctly, control must be ensured, "safe harbor" regulations taken into account, and disasters must be avoided and planned for.
The post Encrypted Cloud Storage: How Enterprises Are Doing it Wrong appeared first on Porticor Cloud Security.
- Database Security in the Cloud
- Disruptive Innovations and the 'Internet of Things' | @ThingsExpo [#IoT]
- Securing Cloud Data from Cybercrime, Intrusion and Surveillance
- Cloud Computing Security Issues and Challenges By @GiladPN | @CloudExpo [#Cloud]
- MySQL in the Cloud
- Cloud Security – Implementing a Secure Cloud Backup Case Study
- Four Great Tips: Cloud Security for Big Data
- Answering Common Cloud Security Questions from CIOs
- Securing Your ‘Data at Rest’ in the Cloud
- Encrypted Cloud Storage – The Missing Piece