Download the authoritative guide: Enterprise Data Storage 2018: Optimizing Your Storage Infrastructure
If your data is encrypted by an application running on your cloud provider, what happens to the data that is currently on your local systems? Do you move it up the cloud and then apply encryption? Is the data validated between your local system before you turn it off, and once it is in the cloud? These are two important questions to consider.
I have no issues with the cloud vendor running the key management application, but there are two things to consider. One is, do you want to transfer your data over an unprotected unencrypted network?
If you don’t have a VPN between you and the cloud provider and are just using the Internet, your data is at risk in flight. Of course the risk is small but for things like HIPPA and Sarbanes/Oxley compliance data, do you really want to fines that are associated with the risk?
The second issue to consider is data integrity. If you are moving large amounts of data between you and your cloud provider, the likelihood of a silent data corruption during the movement is pretty high. You can search “network silent data corruption” but here is a good article (look for Silent Data Corruption, SDC). It’s more prevalent that you think.
You need a plan that ensures that all of your data gets from your current system to the cloud with a near 100% assurance that the integrity in intact. This means that you need, in my opinion, to encrypt the data on our own machines and ensure that the hashes are created. Move the files to the cloud system and validate every hash for every file.
You also need this procedure for every file that will be moved from local systems to the cloud in the future. As I have said time and time again, silent data corruption is real and you need to protect yourself from it.
Who is responsible if problems occur?
Remember when Ronald Regan was shot and Al Haig said he was in charge? Well, there needs to be a plan for someone to be in charge and well defined roles of responsibility if something really bad happens.
Remember the RSA breach of security that led to significant issues for a number of companies? In each company that was vulnerable, I’m pretty sure there was an action plan to prevent a security breach. And for those that did not they were attacked and there was a breach.
I know from some friends that prevented a breach that there were some key things that needed to be done. Those who did not do those key things were attacked and the rest is history.
This is going to be no different than what will be needed to protect your data in the cloud environment. Putting data into the cloud means that more than likely there are far more entry points into the system – especially if you are not using a VPN.
So let’s say you get your key management system from the cloud vendor but you are responsible for the management and the cloud vendor had a security breach. Who is in charge? These kinds of n-case events must be decided before they happen, not afterwards.
When moving your data into the cloud, key management is one of the critical planning items that must be planned and implemented. I have covered a few of the areas I think are important as part of the planning process, but this is not an exhaustive list. And each one of you that is thinking of moving to the cloud needs to do the planning that is appropriate for your business and workflow.
Using the cloud presents some new challenges for storage, with encryption being in my opinion one of the critical areas that needs to be well thought out. A plan needs to be written down and updated as things change, and executed when something happens.
Without this type of rigor you are potentially at risk for something bad happening, especially if you have legal obligations.