Key Control in the Cloud
Security is a frequent topic of discussion as organizations seamlessly extend to the cloud. Moving even small workloads to the cloud is logical and inevitable, and so is treating security as a best practice.
Security often equates to encryption, and when cloud providers provide the encryption, well, in many cases they hold or have access to the keys.
Let’s stop and think about this for a second. If having your cloud service provider encrypt your data makes you feel safe, be careful.
What you are effectively doing is giving the cloud service provider, be they regional or a big public cloud, decision-making power over who can decrypt your information, when, and for what reason. This is fine if you trust them, but here are a few things you may want to think about:
- Government agencies can compel cloud service providers to decrypt and hand over your data for a variety of purposes, without your knowledge or control.
- You’re at the mercy of the cloud service provider’s systems administrators, who may or may not be looking out for everyone’s best interest.
- Last (and this is not an exhaustive list), there is also the issue of data destruction. Some organizations like to burst out to the cloud, only to burst back into their private data center when things die down. Sometimes, they want to ‘move around’. When it’s time to leave for greener pastures, how can you be assured that the data does not stay in the cloud?
When encrypted data is stored or processed in the cloud, the lock and the keys should be kept separate and the end user should control the keys. At the very least, make sure that you understand the policies and best practices your service provider has in place should that not be the case.
In certain use cases, maybe those keys are better managed up there in the cloud. Just make sure you know who has the keys and what needs to be done for anyone other than yourself to access them.
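To make the separation of lock and keys concrete, here is an added example (not part of the original post) of customer-side envelope encryption using Node's built-in `crypto` module. The function names are hypothetical; it also shows how destroying a customer-held key answers the data-destruction question raised above.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM; output layout is nonce (12 bytes) || tag (16 bytes) || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]);
}

// Throws if the key is wrong or the blob was modified in storage.
function open(key, blob) {
  if (blob.length < 28) throw new Error('blob too short');
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Runs on the customer side. A fresh data key (DEK) encrypts the object and
// the customer-held key (KEK) wraps the DEK; only the result goes to the cloud.
function encryptForUpload(kek, data) {
  const dek = crypto.randomBytes(32);
  const stored = { wrappedDek: seal(kek, dek), ciphertext: seal(dek, data) };
  dek.fill(0); // the plaintext DEK never leaves this function
  return stored;
}

function decryptAfterDownload(kek, stored) {
  const dek = open(kek, stored.wrappedDek);
  try {
    return open(dek, stored.ciphertext);
  } finally {
    dek.fill(0);
  }
}

// Constructed sample: after the customer destroys the KEK, the copy left
// with the provider can no longer be decrypted by anyone.
function demo() {
  const kek = crypto.randomBytes(32);
  const stored = encryptForUpload(kek, Buffer.from('constructed sample record'));
  const before = decryptAfterDownload(kek, stored).toString();
  kek.fill(0); // destroy the only copy of the key
  let after = 'readable';
  try { decryptAfterDownload(kek, stored); } catch { after = 'unreadable'; }
  return { before, after };
}

console.log(demo());
```

In production the KEK would live in an HSM or key manager that the customer controls, and destroying it there is what leaves the provider's copy unrecoverable.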