
Do we still need cloud data encryption?

Our public cloud provider guarantees our data is separate from others' in the cloud. Does our enterprise still need to use cloud data encryption methods?

Even with the most accommodating SLA, cloud data encryption should be a standard practice when data is stored in the public cloud. Encryption should start at local servers and continue across the LAN and WAN for data in-flight and data at-rest in remote cloud storage.

Both a cloud provider and user can supply encryption, so it's important to understand what the public cloud provider supplies and the gaps you'll need to fill for top-notch security. Provider-side encryption is convenient, but that means the provider has the keys to your sensitive data. Therefore, cloud providers can surrender your data to government agencies without your knowledge or consent. To avoid potential provider abuses, businesses should use user-side encryption and key management.

Be sure to find the best encryption services for your specific cloud environment. There are numerous encryption products designed for private, public and hybrid cloud users -- including Vormetric Cloud Encryption, Trend Micro SecureCloud and CipherCloud cloud data encryption gateway, among many others. Look for products that support strong standardized AES 256 block encryption. U.S. government agencies and contractors should also look for encryption products that meet FIPS 140-2 certification.
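
The user-side encryption and key management recommended above, as an added example that is not from the original article or from any product it names: each object gets a fresh AES-256-GCM data key, which is wrapped under a key-encryption key (KEK) that stays on your side, so the provider stores only ciphertext. The function names, the envelope layout and the sample object name are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Added example: names and envelope layout are assumptions, not a product's API.
// seal() output layout: nonce (12 bytes) || GCM tag (16 bytes) || ciphertext.
function seal(key, plaintext, aad) {
  if (key.length !== 32) throw new Error('AES-256 needs a 32-byte key');
  const nonce = nodeCrypto.randomBytes(12); // never reuse a nonce under one key
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(aad);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// open() throws if the key, the AAD or any byte of the sealed data is wrong.
function open(key, sealed, aad) {
  if (key.length !== 32 || sealed.length < 28) throw new Error('bad key or truncated data');
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, sealed.subarray(0, 12));
  decipher.setAuthTag(sealed.subarray(12, 28));
  decipher.setAAD(aad);
  return Buffer.concat([decipher.update(sealed.subarray(28)), decipher.final()]);
}

// Runs on your side. Only the returned envelope is uploaded; the KEK is not in it.
function encryptForUpload(kek, plaintext, objectName) {
  const aad = Buffer.from(objectName); // binds both blobs to this object
  const dek = nodeCrypto.randomBytes(32); // fresh data key per object
  return { wrappedKey: seal(kek, dek, aad), ciphertext: seal(dek, plaintext, aad) };
}

function decryptDownload(kek, envelope, objectName) {
  const aad = Buffer.from(objectName);
  const dek = open(kek, envelope.wrappedKey, aad);
  return open(dek, envelope.ciphertext, aad);
}

// Constructed demo input; a real KEK comes from a key store you control.
const demoKek = nodeCrypto.randomBytes(32);
const demoEnv = encryptForUpload(demoKek, Buffer.from('constructed sample record'), 'reports/q3.csv');
console.log(decryptDownload(demoKek, demoEnv, 'reports/q3.csv').toString());
```

Losing the KEK makes every wrapped data key, and therefore every stored object, unrecoverable, so back the KEK up separately from the cloud data.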

An increasing number of businesses that are considering a move to a public or hybrid cloud demand verifiable data separation. This obligates the cloud provider to ensure geographic limits on where data is actually stored and mitigate the effect of data breaches. It's a tall order, so be sure to approach cloud computing as an ongoing process, rather than a one-time endeavor.

Start small with nonessential workloads and gradually release more important content to the cloud, as experience allows. Strong encryption and careful key management are essential elements of any cloud strategy. To address changes to legal, regulatory and threat assessments, review your cloud strategy regularly. Make sure you have a fallback option if your public cloud project goes south. If the situation dictates, know how to bring sensitive data or workloads back in-house.

Stephen J. Bigelow is the senior technology editor of the Data Center and Virtualization Media Group. He can be reached at sbigelow@techtarget.com.


This was last published in November 2014


Join the conversation


I'm all for encryption if my data is not in my control. If someone else has access to the same storage, I don't want nosy people poking around and possibly causing me to lose customers, reputation and/or my business.

It all comes down to who owns/maintains/possesses the encryption keys. If you allow the Cloud Provider to keep them, you run the risk of data loss via internal Cloud Provider admins doing malicious things (quit their job, have a bad day, fat-finger a CLI, etc.). Encrypt the data, keep copies and manage your own keys.

