Protect Yourself by Encrypting All Data Stored in the Cloud

 
 
By Lisa Vaas  |  Posted 2012-05-15 Email Print this article Print
 
 
 
 
 
 
 


In general, people who attend security conferences are more attuned to security risk than those who do not, so I'd trust their perceptions over those reported in a cloud service vendor-funded study. But then again, security vendors make their money off of security risk, so mix the results of surveys together, add a dollop of your own real-life experience and see what floats to the top, credibility-wise.

One of the biggest takeaways from the Sophos survey was that employees use cloud even when its security proposition is iffy and even when they don't have their bosses' permission. It's just too easy to exchange and share and store files in the cloud; you can't expect people to pass it up.

Chris Pace, a product specialist at Sophos, said you've just got to assume that users will take advantage of cloud services and prepare for the technology's inherent security vulnerabilities. Otherwise, ungoverned employee use could lead to data compromise.

His thoughts are that one of the most essential components in organizations' responsibility for securing data that goes to the cloud is file encryption that's done before the data leaves their grasp. The user gets a password to decrypt and the business keeps the keys. "It's their data, after all," he says.

Whether businesses are using cloud services without official sanction, thanks to employees, or whether they're using cloud because they (wrongly) think cloud will solve all their security problems, all organizations should be aware that all cloud services are not created equal.

Symform, provider of cloud network services, offers a few security issues to consider when choosing a service provider:

  • Some clouds encrypt your data while it's in the cloud, but leave it in the clear while it€™s being transported.
  • Others, though they encrypt the data before storing it, transport the data to their data center via a single Internet connection, creating a single point of attack and potential failure.
  • Cloud providers have distinctly different ways of generating, storing and managing encryption keys.

Pace recommends these other, simple precautions:

  • Web-based policies using URL filtering;
  • application controls that can be applied to cloud products; and
  • data encryption that provides a layer of security across the board.

To which I would add one more bullet point:

  • Keep backup copies of data uploaded to the cloud, lest you get MegaUploaded.

 



 
 
 
 
Lisa Vaas is News Editor/Operations for eWEEK.com and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on eWEEK.com, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.
 
 
 
 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel