Cloud encryption: Data Encryption technology used on the cloud (1)

Source: Internet
Author: User
Tags cloud hosting

Cloud encryption: Data Encryption technology used on the cloud (1)

Although many enterprise organizations want to make full use of cloud computing, data security remains the primary concern. However, with the help of many cloud solutions, it is expected to achieve and enjoy effective data protection and strong encryption on the cloud.

As business regulation and Information Security expand at an asymmetric pace, corporate supervisors often end up facing challenges in privacy and security, and they lack the relevant knowledge or experience to address these challenges. Although encryption is the basic technology that privacy experts agree to as the cornerstone of security, cloud encryption may be difficult. Since there are so many different types of encryption technologies available, small and medium enterprises find this solution attractive but confusing.

Encryption is not a new technology at all. In the past, encrypted data was stored on servers, while servers were placed inside the company, and the company directly controlled them. As many popular business applications are hosted on the cloud today, enterprise executives either need to rely on contract articles to protect assets, and choose one that allows customers to encrypt data first, cloud service providers that are then sent to the cloud for storage or processing, or cooperate with software as a service (SaaS) providers to manage the encryption and decryption of their enterprise data.

Sometimes, the company has no choice; some customer relationship management (CRM) applications such as Salesforce.com and other enterprise file synchronization and sharing (EFSS) applications such as Citrix file use secure Internet connections, for example, Transport Layer Security (TLS) encrypted connections transmit data from users' keyboards or servers to Internet applications. Some cloud storage applications also allow users to establish a secure link between an enterprise network or a mobile system and a cloud storage application, such as Copy.com of Barracuda. Once the data arrives at the server of the cloud service provider, the application provider usually encrypts the data to ensure the security of static data.

Effective data protection on the cloud

However, we have encountered one of the challenges brought about by the asymmetric development of the cloud environment. In the past, one of the most important tasks facing IT managers was managing encryption keys. Green House Data is a cloud hosting and Data center service provider. Cortney Thompson, chief technology officer, said it is extremely important to separate encryption keys from encrypted Data to ensure Data security.

"We remind customers in the medical industry to pay attention to the storage and use of encryption keys," he said. Customers often place keys and data in the same place ."

When an application is in use, it may also store the key in the memory. The encryption key should be placed on another server or storage block. Backup of all keys should also be stored in a remote location to prevent disaster. Such backups should be reviewed every several months.

"Encryption keys still need to be updated frequently," Thompson added. Companies are often forced to do so because the key itself is set to automatically expire, and other keys need to be updated on a regular basis. Encryption of the Key itself should be considered (but this leads to a vicious circle of encryption and re-encryption ). Finally, multi-factor verification is adopted for the master key and recovery key ."

Vic Winkler, chief technology officer and product and Technical Director of the security platform developer Covata USA, pointed out that not all enterprise data needs to be encrypted, and not all users have the same data access needs. It is important for companies, especially small and medium-sized enterprises, to develop rules to identify which information needs to be encrypted and which data can be securely stored in plaintext format.

Winkler specifically pointed out that the use of software that can automatically encrypt the data in the application is a service application to isolate data, which is of great help to ensure that important data is protected. Protecting data does not negatively affect the company's business processes.

Winkler said that to effectively protect data, whether it is the Chief Information Security Officer (CISO) in a large enterprise or a designated Administrator in a small and medium enterprise, the Enterprise Supervisor responsible for security needs to protect data in these three states: transmitted data, in-use data, and static data. He said that many companies are doing well in using TLS to protect data in transmission, but the security of static data and data in use still needs to be improved.

Winkler said, in fact, it is very important to protect static data. The best choice is to encrypt sensitive data when it is created. After the data is stored in the data center, the data is protected both locally and on the cloud. He said application security is like sandwich cake. After the data is added to the files in the application, security should be an integral part of the whole, which ensures data security at any time.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.