Image courtesy of Shutterstock
We’re in the midst of analyzing some survey data for an upcoming report on cloud computing strategy and have discovered that, thus far into the cloud computing era, security is till the No. 1 concern among companies debating going to the cloud. But a cloud environment isn’t inherently less secure than an on-premise environment; it’s all in the implementation.
Encryption of data is one way to mitigate the risk of data exposure, a major security and compliance concern. This article by Thomas Trappler, director of software licensing at UCLA, examines the questions to ask a cloud provider about how encryption is implemented in their environment, and introduces two new encryption concepts being developed on the cloud provider side: distributed file systems and data obfuscation.
An interesting takeaway from the article is the importance of the handling of encryption keys. If they’re stored local to the data, they can be retrieved by an attacker and used to de-encrypt data. But if they’re stored elsewhere and lost, the data becomes useless.