24 Jan 2012
Businesses looking to move data and applications to the cloud are faced with a number of trust-related security challenges. Consequently, cloud adoption is hindered by a complex conundrum: how do you guarantee trust in data when you don’t trust the cloud?
If businesses are going to resolve this issue, they will need to address the three main areas of security concern: protecting data, controlling access to critical information and ensuring compliance.
• Encryption, encryption, encryption!
Encryption is the most effective way to protect information in the cloud. Not only does it separate your data from that of other tenants in any shared cloud environment, it also secures data both in transit and at rest. Encrypted data is also of little or no use to cyber criminals as long as they do not have access to the decryption keys. This significantly reduces the potential damage done by data leakage and minimises security risk for both businesses and their customers.
• Secure data as it progresses
Today, information has to be available anywhere and on any device. To achieve this, enterprises need to ensure that data is secured at every stage: from the moment of generation, to securing each point of access, to protecting the process of communication exchange. Therefore, in order to ensure maximum data security, additional layers of encryption should be applied to the virtual machines and storage volumes, as well as to the processing layer of data exchange.
• Know who’s accessing critical information, and when and how they’re doing it
The cloud environment is shared by multiple users, which makes it difficult to control access to sensitive information and ensure separation of duties. So cloud security requires a strong authentication and access management strategy that enables organisations to control who is accessing critical information, as well as how and when.
This could be achieved through multi-factor authentication and a centralised decryption key management policy, which controls who can view encrypted data by governing when decryption keys are released.
• Store the decryption keys outside the cloud environment
For additional security, enterprises should consider storing the decryption keys outside the virtual environment, in an on-premise hardware repository that cannot be accessed by unauthorised users. This will limit the potential damage of a security breach and will also guarantee that encrypted data is of little or no use to cyber criminals.
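The key release policy and off-cloud key storage described above can be sketched as follows. This is an added example, not code from the article or from SafeNet: the names `KeyBroker`, `ReleasePolicy` and `Request` are hypothetical, the in-memory dictionary stands in for the on-premise hardware repository, and the multi-factor check is assumed to have been performed upstream.

```python
import secrets
from dataclasses import dataclass
from datetime import datetime, time

@dataclass(frozen=True)
class Request:
    user: str          # who
    role: str
    mfa_passed: bool   # outcome of a second-factor check done upstream (assumption)
    channel: str       # how, e.g. "vpn" or "public-internet"
    when: datetime     # when

@dataclass(frozen=True)
class ReleasePolicy:
    roles: frozenset
    channels: frozenset
    start: time
    end: time

    def denial_reason(self, req):
        """Return None if the key may be released, else the reason for refusal."""
        if not req.mfa_passed:
            return "mfa-required"
        if req.role not in self.roles:
            return "role-not-authorised"
        if req.channel not in self.channels:
            return "channel-not-allowed"
        if not (self.start <= req.when.time() <= self.end):
            return "outside-permitted-hours"
        return None

class KeyBroker:
    """Hypothetical on-premise key store: keys are created and held here, not in the cloud."""
    def __init__(self):
        self._keys, self._policies, self.audit = {}, {}, []

    def create_key(self, key_id, policy):
        self._keys[key_id] = secrets.token_bytes(32)
        self._policies[key_id] = policy

    def release(self, key_id, req):
        policy = self._policies.get(key_id)
        reason = "unknown-key" if policy is None else policy.denial_reason(req)
        # Every decision, allowed or denied, records who asked, when and how.
        self.audit.append((req.when.isoformat(), req.user, req.channel,
                           key_id, reason or "released"))
        if reason:
            raise PermissionError(reason)
        return self._keys[key_id]
```

Because denied requests are logged alongside granted ones, the audit list shows who attempted to reach critical data as well as who succeeded.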
Mike Smart, product and solutions director, SafeNet
I totally agree that managing the access and user rights to critical information is one of the main points to increase IT security. Just read another blog post (http://kvm-minicom.blogspot.com/2012/01/data-center-security-look-at-other-side.html) that deals with this issue.
Posted by: Brian 24 Jan 2012