Steps To Secure Data In The Cloud

Steps To Secure Data In The Cloud

Steps to Secure Data In the Cloud

Cloud computing and storage security is often one of the main stumbling blocks cited by those who’d like to reap the benefits of moving to the cloud, but believe they cannot. Data security is extremely important, but for many enterprises and markets, there can be no compromise in security. For those businesses, the idea of compromising security, even just a bit, in return for the vast benefits of going to the cloud were not possible.

cloud-thumbnail

Data security in the cloud is not impossible. Many industries that were previously unable to use cloud services for data storage are now able to do so thanks to new, real-world ways of securing data. There are real, practical methods for securing data in the cloud. When taking these steps, two things must be kept in mind:

  • Protecting data in real-world environments
  • Compliance requirements

Protecting data in the cloud involves many of the same requirements the data administrator will have when protecting data in a closed network. Sticking to CIA (Confidentiality, Integrity, and Availability) as the root protection method is still the best way to keep data secured. Analyzing and mitigating the most common security threats to your data requires considerations of the location of the data as well as its regulation within the scope of compliance.

Location of Data

Meeting compliance requirements for whatever standards regulate your business or industry is a serious obligation. For cloud storage, the biggest problem here is the location of the data. In most public cloud systems, your data’s geographic location may be random and is often unknown. It’s not unusual for single entry in the database to actually have multiple homes in the cloud, which can complicate the use of public cloud – or even make it impossible in some cases. Private clouds, however, often do not have this issue with locations of data being fixed (within certain parameters) or at least identifiable.

Regulation of Data

secure-data

As an example of protecting data while meeting compliance requirements, personally-identifiable information is often regulated quite differently from one jurisdiction to another – even country to country. In the U.S., any personally- identifiable information stored within the country borders must be available to law enforcement under the USA Patriot Act. In Canada and several European countries, however, that data must be kept away from foreign jurisdictions at all times, making it illegal to store some personally-identifiable information of Canadian, French, or other citizens on U.S.-based servers. Further, all of these jurisdictions have differing requirements for storage security.

Steps Towards Securing Data In the Cloud

To move to the cloud, database professionals will first need to identify what types of compliance requirements they may have. Some data may have to remain in-house while other might be a good candidate for cloud services. If you have contracts that cover some of your data in regards to privacy policies, storage for clientele, etc., you will also need to review those contracts to be sure that the data can be stored off- site without breaching agreements.

Solutions for this may include finding services that guarantee storage of data only within a specific jurisdiction. For example, Amazon Web Services has “regions” for cloud storage and those who opt to keep their data within a specific geographic region (the U.S., North America, specific areas of the U.S. or Canada, etc.) may find that this keeps them in compliance. It comes with risks, however as witnessed by the area-wide outages some Amazon customers have had in the past.

Data Protection Points

Once data is flagged to be moved into the cloud, protection becomes critical. For cloud storage, there are generally three locations that the data will be at any given time:

1. At its fixed data storage locations

2. At the virtual machine doing the processing

3. In transit from the fixed storage to the virtual machine

Because of this less-central setup, administrators need to consider security of the data not only in storage, but also while in transit and in use. This requires three things:

1. Access control lists to secure who gets access to what data and when – already SOP for most databases stored centrally, but now to include some off- site administrative personnel from the storage provider.

2. Encryption during transit to ensure that the data is secure during transit to and from the processing machine and the database’s storage location. In this case, the data should be treated as if it were being accessed by remote personnel even if the processing machine is on-site.

3. Encryption at storage, in order to ensure access by cloud services provider personnel is limited to data movement only to avoid giving them access to potentially sensitive information. This provides another level of security that may also give better compliance for many types of very sensitive data such as personally-identifiable information and financial information storage.

Conclusion

By taking steps to classify and securely transmit and store information, the database administrator and management are likely to find that they are in compliance with most of the requirements they have. Carefully securing contracts that hold location compliance requirements in mind and encrypting it when it is stored on servers you do not control, you also protect yourself from liabilities that could come from others’ gaining access through legitimate methods but without your authorization – namely the staff at the contracted storage facilities for your cloud services.

By Michael Dorf,

Michael Dorf is a seasoned software architect and instructor with a M.S. in Software Engineering and a dozen years of industry experience. He is a co- founder of LearnComputer (learncomputer.com), an IT/Open Source training school based in San Francisco Bay Area. Our one-day Big Data Overview course is designed for IT managers who need a fast track to Big Data solutions available on the market today.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

One Response to Steps To Secure Data In The Cloud

  1. Your paragraph on regulation is incorrect. In terms of Canada, BC and Nova Scotia have restrictions about government-controlled personal information, but that’s it.


CloudTweaks Sponsors - Find out more!


Popular

Top Viral Impact

Cloud Infographic – The Internet Of Things In 2020

Cloud Infographic – The Internet Of Things In 2020

Cloud Infographic –  The Internet Of Things In 2020 The growing interest in the Internet of Things is amongst us and there is much discussion. Attached is an archived but still relevant infographic by Intel which has produced a memorizing snapshot at how the number of connected devices have exploded since the birth of the…

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future Of Work: What Cloud Technology Has Allowed Us To Do Better

The Future of Work: What Cloud Technology Has Allowed Us to Do Better The cloud has made our working lives easier, with everything from virtually unlimited email storage to access-from-anywhere enterprise resource planning (ERP) systems. It’s no wonder the 2013 cloud computing research IDG survey revealed at least 84 percent of the companies surveyed run at…

Forrester Releases Its “15 Emerging Technologies To Watch Before 2020” Report

Forrester Releases Its “15 Emerging Technologies To Watch Before 2020” Report

15 Emerging Technologies To Watch Before 2020 The cloud, big data, the internet of things, and wearable technology have all featured heavily in Forrester’s latest list of fifteen technologies to watch before 2020. It is becoming a reality for businesses that they need to adapt and change to an increasingly technologically-minded customer base. Traditional marketing…

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow

Cloud Infographic: The Education Of Tomorrow  Online Education is a very exciting topic for many as it opens up many new doors and opportunities. We’ve touched on areas such as Massive Open Online Sources (MOOC) which provides tremendous levels of cloud based interconnectivity. We’ve taken a look into higher education,  the increased demand for online courses as well as…


Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021
contact@cloudtweaks.com

Join our newsletter