Using full drive encryption as a security measure in the cloud is like having a rabbit instead of a dog to protect your house – it’s just not the right tool for the job. In fact, many traditional security tactics that organizations use to protect their data in physical environments won’t measure up when moving applications and data to the cloud.
As organizations increasingly leverage infrastructure as a service (IaaS), it’s important to understand the unique security requirements in virtual environments.
Even if data is no longer physically in your organization’s possession, it is still your responsibility. Whether data is governed by privacy laws and standards like HIPAA or PCI, by disclosure laws, or is simply data with high value to your organization, you need to work with your cloud service provider (CSP) to ensure end-to-end protection. Find a CSP that is willing to open a dialogue with you about data security, and make sure that you are both clear on who is responsible for what. Once you find your provider, you can buckle down and identify the right technologies and processes to support your security objectives.
Keep in mind that not all technology translates to virtualized environments. For example, standard disk encryption can be a great solution for static physical storage or laptops. But in a highly dynamic public cloud, you don’t control where your virtual machine resides, and disk encryption will be lost if your VM is moved.
Another element that is overlooked in the cloud is multi-tenancy: your applications and data will most likely share physical hardware and storage with that of other CSP customers. The cloud is becoming a richer target for hackers, and there is always the possibility of misconfiguration, which could inadvertently expose your neighbor’s data, along with yours.
Utilizing a CSP also presents the problem of another administrator potentially having access to your data. Make sure your SLAs are clear. Even better, consider encrypting your data within the OS of the virtual machine, giving an added layer of protection from the CSP admins. Most critically, make sure YOU control the encryption keys. Make sure your policies and technologies support controlled key administration, so that no one person has complete control of your keys.
By limiting access to the data, you will help avoid human error. Misunderstood or misconfigured privacy settings commonly result in security blunders. Recently, over 126 billion files were exposed on Amazon’s S3 cloud because customers misunderstood security settings.
Despite all of the risks that are associated with CSPs, there are many advantages; it is just a matter of realizing the differences from your datacenter, and being prepared to deal with them proactively. Encryption can play a key role.
Encrypting data at the VM level will allow you to create cryptographic multi-tenancy, so that even if someone gets access to the network, they won’t be able to see your data. It’s also useful to ensure all copies of your data are secured.
When you sign your contract with your CSP, much attention will be given to availability and uptime. In order to ensure five nines availability and the ability to recover from a disaster, CSPs must replicate your data multiple times. This means your virtual machines are leaving footprints all across a CSP’s network – potentially even out of the country. By encrypting your data, you can ensure that any footprints you leave behind are indecipherable, even to the world’s best trackers.
Another consideration is what happens to your data when you want to leave a CSP, or change service providers. Because of replication and backup, there may be many copies of data floating around, which can be difficult to erase completely. With the right encryption, you can cancel your contract and delete the encryption key, effectively making your leftover data unreadable forever.
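One way to make "no one person has complete control of your keys" concrete is a two-custodian split of the data-encryption key, sketched below as an added example that is not from the original article. The function names, the 256-bit key size, and the HMAC-based key check value are assumptions chosen for illustration; destroying either share has the same effect as the key deletion described above.

```python
import hashlib
import hmac
import secrets
from typing import Tuple

KEY_LEN = 32  # assumed key size: a 256-bit data-encryption key


def key_check_value(key: bytes) -> str:
    """Non-secret fingerprint used to confirm a rebuilt key is the right one."""
    return hmac.new(key, b"key-check-v1", hashlib.sha256).hexdigest()[:16]


def split_key(key: bytes) -> Tuple[bytes, bytes]:
    """Two-of-two XOR split: each share alone is uniformly random bytes."""
    share_a = secrets.token_bytes(len(key))
    share_b = bytes(k ^ a for k, a in zip(key, share_a))
    return share_a, share_b


def combine_shares(share_a: bytes, share_b: bytes, expected_kcv: str) -> bytes:
    """Rebuild the key from both custodians' shares and verify it."""
    if len(share_a) != len(share_b):
        raise ValueError("shares differ in length")
    key = bytes(a ^ b for a, b in zip(share_a, share_b))
    if not hmac.compare_digest(key_check_value(key), expected_kcv):
        raise ValueError("shares do not reconstruct the registered key")
    return key


def demo() -> dict:
    """Constructed scenario: split a fresh key, rebuild it, then lose a share."""
    key = secrets.token_bytes(KEY_LEN)
    kcv = key_check_value(key)          # stored alongside the encrypted data
    share_a, share_b = split_key(key)   # handed to two different administrators
    rebuilt_ok = combine_shares(share_a, share_b, kcv) == key
    try:
        # Custodian B's share was destroyed; any substitute fails the check.
        combine_shares(share_a, secrets.token_bytes(KEY_LEN), kcv)
        wrong_share_rejected = False
    except ValueError:
        wrong_share_rejected = True
    return {"rebuilt_ok": rebuilt_ok, "wrong_share_rejected": wrong_share_rejected}


if __name__ == "__main__":
    print(demo())
```

Neither share reveals anything about the key on its own, so the key can only be used when both custodians cooperate, and every replicated ciphertext copy becomes unreadable once one share is gone.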