Security is a major concern with many IT services, including cloud storage. Enterprise-class cloud storage providers...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
offer several tools to protect business data and control access. What cloud storage security concerns are real and what types of questions should enterprises ask when selecting a cloud storage provider?
Encryption is an essential piece of cloud storage. Enterprises must select a cloud storage provider that supports encryption in flight and at rest. Amazon Web Services (AWS) can move data to or from Simple Storage Service (S3) across an SSL connection and protect that data using AES-256 encryption.
AWS offers several key management methods and can manage encryption keys for its customers or encrypt data using keys the enterprise provides. By comparison, Google uses default AES-128 encryption and key management for data at rest.
Still, some companies are uneasy with the idea of cloud storage providers holding the keys to business data. To address encryption key management concerns, cloud storage users can encrypt data and manage keys on the user side with a tool such as Amazon S3 Encryption Client. And to secure data before it moves across the Internet to the cloud provider, enterprises can choose available third-party encryption tools such as Viivo, Sookasa or Cloudfogger.
Most large cloud storage platforms are very secure, but enterprise IT still must do its share in protecting data. AWS' shared responsibility clause, for example, points to IT's obligation to secure their operating systems, data and applications within the system.
Additionally, enterprise-class cloud storage users can look for authentication or access control mechanisms like access control lists, multifactor authentication, multifactor delete protection and requirements for strong logon credentials. Event notifications can alert IT teams when someone attempts to access the data, adds data to the store, or takes other actions. This administrative control can provide oversight that meets some regulatory or governmental requirements.
Stephen J. Bigelow is the senior technology editor of the Data Center and Virtualization Media Group. He can be reached at firstname.lastname@example.org.
Best cloud security advice from 2014
Recent retail breaches highlight need for cloud encryption
Cloud data security is necessary, but costly
Dig Deeper on Data security in the cloud
Related Q&A from Stephen J. Bigelow
VMware AppDefense secures an application by monitoring deviations from its normal behavior. Its core functions establish a baseline, measure behavior...continue reading
Whether it's C, Java or Adobe, it's important to understand the differences among runtime environments. Expert Stephen J. Bigelow outlines the ...continue reading
Improve the integrity of vRealize Automation backups by minimizing active transactions, backing up appliances and databases simultaneously and ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.