Cloud security is top priority for enterprises migrating to the cloud
By Gilad Parann-Nissany
Cloud security is top priority for enterprises migrating to the cloud. Security officers and business decision makers are well aware of the cloud risks and we’re seeing an ever growing demand for cloud data security solutions during the past few months. But at the same time, many cloud security products lack a significant cloud enabler: the ability to orchestrate and automate data security within the overall cloud deployment. Specifically in our line of business (cloud encryption), we see cases where enterprises with highly sophisticated and automated cloud implementations, are compromising on either the automation or the data security of their cloud architecture.
Would you drive a Ferrari with no airbags?
Let’s assume your cloud infrastructure is a fancy sports car, and your cloud data security is its airbag system, but the manufacturer has designed it in such a way that you’ll need one key to start the engine, and a second key to enable the safety systems. The same goes for the cloud: implementing a fully automatic and scalable cloud system while maintaining the encryption keys on (for example) a physical server back in the physical data center, simply doesn’t cut it anymore. Consider the manual management of the physical environment and the permanent licenses you’ll have to pay. After all, you went to the cloud to avoid those issues, and the expectation is for your cloud system and all supporting subsystems to start working together from the starting point.
The ideal cloud design, therefore, should contain a data security system that scales with your enterprise cloud architecture while not compromising the critical element of cloud data security.
Cloud Key Management can be tricky
Unfortunately, cloud data security and specifically cloud key management is challenging. A public cloud environment dictates you’ll need to either trust a third party with your encryption keys (the cloud provider or a third party security vendor), or deploy a key management system back in your data center, a fact which eliminates – as mentioned above – many of the cloud benefits such as scalability and automation. To effectively deal with such scenarios, there’s a need for a new – cloud based approach. One such solution is split-key encryption, a new technology which literally splits the encryption key into two. One part – a project master key, is known only to the customer, while the second part is automatically generated by the key management system. Only the combination of both half keys can encrypt and decrypt data. The result is an automated key management system which does not impact trust and data confidentiality. You can read more about split-key encryption on the following whitepaper.
While cloud scaling and automation are critical, enterprises should not compromise on cloud data security. Current cloud security solutions are limited and there’s a need for new and innovative cloud security technologies. Split-key encryption is one example of such technology that should be taken into consideration as part of the overall cloud strategy and planning.
Subscribe to the blog to receive updates about:
AltaFlux understands what you and your organization need to excel, and can deliver rapid innovation to unleash your full workforce potential. Together, we can empower your business by streamlining, transforming, and optimizing your key HCM and talent processes with industry-leading SAP SuccessFactors technology—enabling you to adapt at the speed of change.
AltaFlux Corporation is a global HCM cloud consulting partner based in Troy, Michigan. We empower organizations by streamlining, transforming, and optimizing key human capital management (HCM) processes with industry-leading HCM cloud solutions like SAP SuccessFactors, Benefitfocus, WorkForce Software and Dell Boomi.