According to industry research firm Gartner, the worldwide market for cloud computing will grow 18.5 percent this year to $131 billion. One of the leading areas of adoption among companies of all sizes is file sharing and sync services such as Box, Dropbox, etc. These services are being used by employees whether the company sanctions them or not. So what steps can be taken to keep data private and secure in the cloud? Let’s look at the top three security priorities for any company that wants to protect its content in the cloud.
Encryption
In today’s BYOD/cloud world, where companies have little control over where data may travel, information must be encrypted before it leaves the endpoint. To be effective, encryption should meet the following criteria.
First, the encryption must be strong. It’s best to use the most trusted and robust algorithms and make sure they are properly configured.
Next, encryption should be applied to the content, not the container. This means applying cryptography directly to a file or other data object at the source, versus encrypting to disk. Container-based encryption simply leaves exposure points between containers and makes it difficult to ensure appropriate key ownership. For example, if a provider encrypts a hard disk used by 300 customers, there’s no way for customers to retain any kind of control on decryption, since they can’t be given the keys.
Finally, encryption must be implemented end-to-end: as soon as content is created and prepared for transmission to the cloud, it must be encrypted.
If any one of these requirements is absent, security gaps and vulnerabilities will exist.
Monitoring and Logging
Integrate log management and monitoring controls for cloud-based applications and infrastructure. This would include, for example, network-based monitoring solutions deployed virtually in IaaS or hosted environments and ACL (access control list)/firewall policies. A unified method of log retrieval, parsing and review should be established, so that at a minimum logging and audit infrastructure can accommodate out-of-band cloud-sourced log information.
Federated Key Management
Just as identity management has become federated in the cloud (using SAML to leverage your corporate account to log into cloud services is a good example), so must key management. Using key federation, users can share content across organizations without relying on a single service provider or organization to handle the keys. For example, if three organizations in Germany, China, and the US want to share data, federated key management eliminates the need for them to trust a cloud provider. This is a significant benefit given the recent NSA spying revelations, which have reinforced both the need to retain key control and the need to guard against data theft by IT administrators.
In this model, the central cloud service provider serves only as a “mediator” to facilitate secure document collaboration, but does not have the necessary data access privileges or keys to actually decrypt files or access them in an unencrypted form. Here’s how it works:
- The central (cloud-based) mediator receives enrollment requests from various users who want to collaborate. No distinction is made between the users based on location – they can be anywhere.
- The mediator enrolls these users into a cryptographically protected group and establishes a data repository for the documents that will be shared. Using advanced, but standards-based, cryptographic techniques, the relevant key material is fragmented, re-encrypted, and distributed. As a result, the mediator does not have enough key material to decrypt anything. Meanwhile, each user must have the “approval” of the mediator to decrypt documents in the group repository.
- As users submit documents into the shared repository, they are encrypted and the activity logged.
- When any user tries to access a document, they submit their (cryptographically authenticated) credentials to the mediator. If credentials are valid, the mediator releases their portion of key material to the user. This missing key fragment plus the user’s own key material allow the document to be decrypted.
- Removing access for a user is as simple and quick as updating the policy on the mediator. There is no need to distribute revocation lists or touch the clients in any way.
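The mediated split-key flow just described, as an added stdlib-only Python sketch that is not AlephCloud’s code or its actual protocol. It assumes a simplification of the “advanced, standards-based” techniques the article mentions: a 2-of-2 XOR secret split between a group key (held only by enrolled users) and a per-document fragment held by the mediator, an HMAC-SHA256 toy cipher in place of AES-GCM, and constructed users, credentials and document names.

```python
import hashlib, hmac, secrets
def keystream_xor(key, data):
    # Toy HMAC-SHA256 counter-mode stream cipher standing in for AES-GCM (stdlib only).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)
def encrypt(key, plaintext):
    ct = keystream_xor(key, plaintext)
    return ct + hmac.new(key, ct, hashlib.sha256).digest()  # encrypt-then-MAC
def decrypt(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, ct, hashlib.sha256).digest(), tag):
        raise ValueError("ciphertext authentication failed")
    return keystream_xor(key, ct)
def xor(a, b):  # 2-of-2 secret sharing: content_key = group_key XOR mediator_share
    return bytes(x ^ y for x, y in zip(a, b))

class Mediator:
    # Stores ciphertexts plus ONE fragment per content key; the other fragment (the
    # group key) is held only by enrolled users, so the mediator can decrypt nothing.
    def __init__(self):
        self.policy, self.shares, self.repo, self.log = {}, {}, {}, []
    def enroll(self, user):
        self.policy[user] = secrets.token_bytes(32)  # per-user credential secret
        return self.policy[user]
    def store(self, user, doc_id, ct, mediator_share):
        self.repo[doc_id], self.shares[doc_id] = ct, mediator_share
        self.log.append(("store", user, doc_id))
    def release_share(self, user, credential, doc_id):
        expected = hmac.new(self.policy.get(user, b""), doc_id.encode(), hashlib.sha256).digest()
        ok = user in self.policy and hmac.compare_digest(credential, expected)
        self.log.append(("released" if ok else "denied", user, doc_id))
        return (self.repo[doc_id], self.shares[doc_id]) if ok else None
    def revoke(self, user):
        self.policy.pop(user, None)  # policy update only; no client is touched

def demo():
    # Constructed scenario: Alice uploads, Bob reads, Bob is revoked, Alice still reads.
    group_key, med = secrets.token_bytes(32), Mediator()  # group key is never sent to the mediator
    creds = {u: med.enroll(u) for u in ("alice", "bob")}
    content_key = secrets.token_bytes(32)
    med.store("alice", "plan.pdf", encrypt(content_key, b"Q3 plan"), xor(content_key, group_key))
    def fetch(user):
        got = med.release_share(user, hmac.new(creds[user], b"plan.pdf", hashlib.sha256).digest(), "plan.pdf")
        return None if got is None else decrypt(xor(got[1], group_key), got[0])
    bob_before = fetch("bob")
    med.revoke("bob")
    return bob_before, fetch("bob"), fetch("alice"), med.log
```

Note that the revoked user keeps the group key but can no longer obtain the mediator’s fragment, so the revocation takes effect without touching any client, while the mediator’s own fragment never suffices to decrypt the stored ciphertext.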
To secure and protect the privacy of content in cloud sharing services, organizations need to supplement service provider controls. Using an infrastructure that combines the three criteria described above not only provides data protection, but also prevents content from being released by cloud providers to any third party without the consent of content owners.
About the Author: Jieming Zhu is co-founder and CEO of AlephCloud, a provider of cloud content privacy solutions. Zhu is an industry veteran, executive, and technologist of enterprise storage systems and networks.