Data encryption and key management top priorities for cloud hosting companies
Moving business operations to the public cloud is an option many corporations have considered. However, cloud servers have been scrutinized for possessing poor security measures despite industry practices and innovations that should allay such concerns.
Mike Kavis, an experienced chief technology officer, told Forbes Magazine that one of the worst practices companies engage in when it comes to the public cloud is not taking the time to fully understand it. The industry professional noted that with the proper architecture, the public cloud can be more secure than many on-premises data centers.
"Make cloud security understanding a top priority for architects, product teams and other IT professionals," he recommended.
Encrypting sensitive data
Because the big data a company collects contains sensitive client or customer information, as well as potentially business-optimizing knowledge, cloud providers have implemented techniques designed to enhance platform security. Typically, a cloud host encrypts data coming into the environment, which disables it from being translated by malicious foreign entities. This process simultaneously creates a key capable of converting the code for those authorized to view it.
Prakash Panjwani, senior vice president for a cloud security corporation, told TechZone360 that because data is being stored in a diverse IT landscape, security teams need to take the next step in encryption, whether that involves developing new software or implementing simple safe practices.
Key management techniques
The question many cloud server hosting professionals are looking to answer is where to put the encryption key. According to InfoSecurity Magazine, the Key Management Interoperability Protocol (KMIP) standard, which allows organizations to utilize centralized key management systems spanning multiple equipment vendors, has established a fairly high level of awareness among IT professionals.
TechZone360 reported that companies typically store their keys in a different location of the cloud server. However, this method still leaves them available to hackers if they chose to do a little digging. The source said that 45.6 percent of businesses managed their keys centrally, but this practice has been criticized for inefficiency and inconsistent policy enforcement.
"By deploying a multi-layer encryption and centralized key management strategy and leveraging hardware for key management and storage, organizations can accelerate their cloud, virtualization and consolidation initiatives while also retaining control over their sensitive data," Panjwani recommended.
The major concern for businesses is how to maintain data confidentiality on their own. Time and resources are precious, which is typically why a hosting company will undertake the responsibility of perpetuating vigilant security measures.
- Welcome to GoGrid!
- I'm a Cloud Infrastructure and Big Data Solutions expert.
- What questions do you have today?