Encrypting cloud data

Being free to choose the most suitable encryption for your business seems a good idea. But it will only work in a context of recognised standards across encryption systems and providers’ security platforms. Dr. Hongwen Zhang, Chair of the Security Working Group, CloudEthernet Forum, explains.

In the first years of major cloud uptake there was the oft-repeated advice to business that the sensible course would be to use public cloud services to simplify mundane operations, but that critical or high priority data should not be trusted to a public cloud service but kept under control in a private cloud. Instinctively this made sense: you should not allow your secrets to float about in a cloud where you have no idea where they are stored or who is in charge of them.

The irony is that the cloud – being so obviously vulnerable and inviting to attackers – is constantly being reinforced with the most sophisticated security measures: so data in the cloud is probably far better protected than any SME could afford to secure its own data internally. It is like air travel: because flying is instinctively scary, so much has been spent to make it safe that you are less likely to die on a flight than you are driving the same journey in the “safety” of your own car. The biggest risk in air travel is in the journey to the airport, just as the biggest risk in cloud computing lies in the data’s passage to the cloud – hence the importance of a secure line to a cloud service.

So let’s take a look at encryption. Instinctively it makes sense to keep full control of your own encryption and keys, rather than let them get into any stranger’s hands – so how far do we trust that instinct, bearing in mind the need also to balance security against efficiency?

The idea of encryption is as old as the concept of written language: if a message might fall into enemy hands, then it is important to ensure that they will not be able to read it. We have recently been told that US forces used Native American communicators in WW2 because the chances of anyone in Japan understanding their language were near zero. More typically, encryption relies on some sort of “key” to unlock and make sense of the message it contains, and that transfers the problem of security to a new level: now the message is secure, the focus shifts to protecting the key.

In the case of access to cloud services: if we are encrypting data because we are worried about its security in an unknown cloud, why then should we trust the same cloud to hold the encryption keys?
