The protection of business-critical data is a key element in a cloud environment. This applies to information stored on a server or storage system and also for the transport of data, such as from the corporate network to a cloud service provider. To prevent sensitive information being intercepted by unauthorized parties, data loss prevention systems is/are helpful.
Introduction to Protection of Data by Data Loss Prevention and Encryption
We previously discussed topics like Encryption and Decryption in Technology, AES or Advanced Encryption Standard etceteras. Such systems prevent, for example, the providers who has disloyal own staff or administrators of a cloud service provider information as empty. In addition, data encryption should be used. This applies also for databases that are outsourced to cloud storage services, such as archival data. In addition to the security policy of a workload must be appropriate to the safety significance of the data. In order not to affect too much the performance of the servers, storage systems and devices, a selective data encryption offers the complete hard drives to encrypt or storage arrays, only safety-relevant data assets are protected.
More on Protection of Data by Data Loss Prevention and Encryption
However, encryption requires an efficient key management. The key management to the cloud service provider is not advisable to carry out for safety and compliance reasons. An an approach for key management that is specifically tuned for the cloud computing, for example; one American company named Porticor has developed Cloud Security with Cloud Key Management Products. It is based on two keys: One key for the provider, the second and the master key – both are secured with the key that remains with the customer.
All data objects, i.e., files and storage , such as disk, tape, and SSDs will be encrypted with this split-key technique. When an application accesses this information holdings of the appropriate keys must be used. When exchanging data between a company, the cloud service provider is important but it is also important to ensure that a secure connection is/are used, such as IPsec or SSL VPNs.