Steps To Secure Data In The Cloud

Steps To Secure Data In The Cloud

Steps to Secure Data In the Cloud

Cloud computing and storage security is often one of the main stumbling blocks cited by those who’d like to reap the benefits of moving to the cloud, but believe they cannot. Data security is extremely important, but for many enterprises and markets, there can be no compromise in security. For those businesses, the idea of compromising security, even just a bit, in return for the vast benefits of going to the cloud were not possible.

cloud-thumbnail

Data security in the cloud is not impossible. Many industries that were previously unable to use cloud services for data storage are now able to do so thanks to new, real-world ways of securing data. There are real, practical methods for securing data in the cloud. When taking these steps, two things must be kept in mind:

  • Protecting data in real-world environments
  • Compliance requirements

Protecting data in the cloud involves many of the same requirements the data administrator will have when protecting data in a closed network. Sticking to CIA (Confidentiality, Integrity, and Availability) as the root protection method is still the best way to keep data secured. Analyzing and mitigating the most common security threats to your data requires considerations of the location of the data as well as its regulation within the scope of compliance.

Location of Data

Meeting compliance requirements for whatever standards regulate your business or industry is a serious obligation. For cloud storage, the biggest problem here is the location of the data. In most public cloud systems, your data’s geographic location may be random and is often unknown. It’s not unusual for single entry in the database to actually have multiple homes in the cloud, which can complicate the use of public cloud – or even make it impossible in some cases. Private clouds, however, often do not have this issue with locations of data being fixed (within certain parameters) or at least identifiable.

Regulation of Data

secure-data

As an example of protecting data while meeting compliance requirements, personally-identifiable information is often regulated quite differently from one jurisdiction to another – even country to country. In the U.S., any personally- identifiable information stored within the country borders must be available to law enforcement under the USA Patriot Act. In Canada and several European countries, however, that data must be kept away from foreign jurisdictions at all times, making it illegal to store some personally-identifiable information of Canadian, French, or other citizens on U.S.-based servers. Further, all of these jurisdictions have differing requirements for storage security.

Steps Towards Securing Data In the Cloud

To move to the cloud, database professionals will first need to identify what types of compliance requirements they may have. Some data may have to remain in-house while other might be a good candidate for cloud services. If you have contracts that cover some of your data in regards to privacy policies, storage for clientele, etc., you will also need to review those contracts to be sure that the data can be stored off- site without breaching agreements.

Solutions for this may include finding services that guarantee storage of data only within a specific jurisdiction. For example, Amazon Web Services has “regions” for cloud storage and those who opt to keep their data within a specific geographic region (the U.S., North America, specific areas of the U.S. or Canada, etc.) may find that this keeps them in compliance. It comes with risks, however as witnessed by the area-wide outages some Amazon customers have had in the past.

Data Protection Points

Once data is flagged to be moved into the cloud, protection becomes critical. For cloud storage, there are generally three locations that the data will be at any given time:

1. At its fixed data storage locations

2. At the virtual machine doing the processing

3. In transit from the fixed storage to the virtual machine

Because of this less-central setup, administrators need to consider security of the data not only in storage, but also while in transit and in use. This requires three things:

1. Access control lists to secure who gets access to what data and when – already SOP for most databases stored centrally, but now to include some off- site administrative personnel from the storage provider.

2. Encryption during transit to ensure that the data is secure during transit to and from the processing machine and the database’s storage location. In this case, the data should be treated as if it were being accessed by remote personnel even if the processing machine is on-site.

3. Encryption at storage, in order to ensure access by cloud services provider personnel is limited to data movement only to avoid giving them access to potentially sensitive information. This provides another level of security that may also give better compliance for many types of very sensitive data such as personally-identifiable information and financial information storage.

Conclusion

By taking steps to classify and securely transmit and store information, the database administrator and management are likely to find that they are in compliance with most of the requirements they have. Carefully securing contracts that hold location compliance requirements in mind and encrypting it when it is stored on servers you do not control, you also protect yourself from liabilities that could come from others’ gaining access through legitimate methods but without your authorization – namely the staff at the contracted storage facilities for your cloud services.

By Michael Dorf,

Michael Dorf is a seasoned software architect and instructor with a M.S. in Software Engineering and a dozen years of industry experience. He is a co- founder of LearnComputer (learncomputer.com), an IT/Open Source training school based in San Francisco Bay Area. Our one-day Big Data Overview course is designed for IT managers who need a fast track to Big Data solutions available on the market today.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

One Response to Steps To Secure Data In The Cloud

  1. Your paragraph on regulation is incorrect. In terms of Canada, BC and Nova Scotia have restrictions about government-controlled personal information, but that’s it.

Comics

At CloudTweaks, we're plugged into the cloud, the internet of things and all that the web has to offer. From wearable technology, to mobile computing, cloud computing and big data, CloudTweaks is your source for updates and news on the most innovative technology.

Popular

Top Viral Impact

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs SMEs (Small/Medium Sized Enterprises) make up the bulk of businesses today. Most cloud based applications created today are geared toward the SME market. Accounting, Storage, Backup services are just a few of them. According to the European Commission, cloud based technology could help 80% of organisations reduce costs by…

Cloud Infographic: Cloud Public, Private & Hybrid Differences

Cloud Infographic: Cloud Public, Private & Hybrid Differences

Many people have heard of cloud computing. There is however a tremendous number of people who still cannot differentiate between Public, Private & Hybrid cloud offerings.  Here is an excellent infographic provided by the group at iWeb which goes into greater detail on this subject. Infographic source: iWeb About Latest Posts Follow Us!CloudTweaksEstablished in 2009,…

Five Signs The Internet of Things Is About To Explode

Five Signs The Internet of Things Is About To Explode

The Internet of Things Is About To Explode By 2020, Gartner estimates that the Internet of Things (IoT) will generate incremental revenue exceeding $300 billion worldwide. It’s an astoundingly large figure given that the sector barely existed three years ago. We are now rapidly evolving toward a world in which just about everything will become…

IBM and SAP Announce Industry’s Largest Cloud Deal

IBM and SAP Announce Industry’s Largest Cloud Deal

IBM and SAP Announce Industry’s Largest Cloud Deal IBM and SAP have shaken the cloud computing world this afternoon with the announcement of one of the largest cloud deals in the industry’s history – bringing together two of the largest technology companies in a bid to offer a more holistic service to their clients. SAP…

Featured Sponsors

Moving From Email Into The Cloud

Moving From Email Into The Cloud

Mobile Collaboration In The Cloud Imagine that you, as a manager, are told by the powers that be that you have to find “efficiencies” within your department that will result in one million dollars of savings annually. You struggle with this. You send an email to everyone on your senior team. “Where can we save…

Sponsors

Moving To The Cloud: A Smart Move Or Proceed With Caution?

Moving To The Cloud: A Smart Move Or Proceed With Caution?

Moving To The Cloud: A Smart Move Or Proceed With Caution? You hear it over and over again: The future of computing is in the cloud. Businesses should be moving to the cloud. If you’re not in the cloud, you’re behind the times. But trusting your essential data to a cloud may sound like a…

Placement Opportunities - Find Out!

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

You can help continue to support our community by social sharing, sponsoring, partnering or contributing to this great educational resource.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021

Join Our Newsletter