The Lighter Side Of The Cloud – Accountability
The Lighter Side Of The Cloud – The Escape
The Lighter Side Of The Cloud – The Vatican
Steps To Secure Data In The Cloud

Steps To Secure Data In The Cloud

Steps to Secure Data In the Cloud

Cloud computing and storage security is often one of the main stumbling blocks cited by those who’d like to reap the benefits of moving to the cloud, but believe they cannot. Data security is extremely important, but for many enterprises and markets, there can be no compromise in security. For those businesses, the idea of compromising security, even just a bit, in return for the vast benefits of going to the cloud were not possible.

cloud-thumbnail

Data security in the cloud is not impossible. Many industries that were previously unable to use cloud services for data storage are now able to do so thanks to new, real-world ways of securing data. There are real, practical methods for securing data in the cloud. When taking these steps, two things must be kept in mind:

  • Protecting data in real-world environments
  • Compliance requirements

Protecting data in the cloud involves many of the same requirements the data administrator will have when protecting data in a closed network. Sticking to CIA (Confidentiality, Integrity, and Availability) as the root protection method is still the best way to keep data secured. Analyzing and mitigating the most common security threats to your data requires considerations of the location of the data as well as its regulation within the scope of compliance.

Location of Data

Meeting compliance requirements for whatever standards regulate your business or industry is a serious obligation. For cloud storage, the biggest problem here is the location of the data. In most public cloud systems, your data’s geographic location may be random and is often unknown. It’s not unusual for single entry in the database to actually have multiple homes in the cloud, which can complicate the use of public cloud – or even make it impossible in some cases. Private clouds, however, often do not have this issue with locations of data being fixed (within certain parameters) or at least identifiable.

Regulation of Data

secure-data

As an example of protecting data while meeting compliance requirements, personally-identifiable information is often regulated quite differently from one jurisdiction to another – even country to country. In the U.S., any personally- identifiable information stored within the country borders must be available to law enforcement under the USA Patriot Act. In Canada and several European countries, however, that data must be kept away from foreign jurisdictions at all times, making it illegal to store some personally-identifiable information of Canadian, French, or other citizens on U.S.-based servers. Further, all of these jurisdictions have differing requirements for storage security.

Steps Towards Securing Data In the Cloud

To move to the cloud, database professionals will first need to identify what types of compliance requirements they may have. Some data may have to remain in-house while other might be a good candidate for cloud services. If you have contracts that cover some of your data in regards to privacy policies, storage for clientele, etc., you will also need to review those contracts to be sure that the data can be stored off- site without breaching agreements.

Solutions for this may include finding services that guarantee storage of data only within a specific jurisdiction. For example, Amazon Web Services has “regions” for cloud storage and those who opt to keep their data within a specific geographic region (the U.S., North America, specific areas of the U.S. or Canada, etc.) may find that this keeps them in compliance. It comes with risks, however as witnessed by the area-wide outages some Amazon customers have had in the past.

Data Protection Points

Once data is flagged to be moved into the cloud, protection becomes critical. For cloud storage, there are generally three locations that the data will be at any given time:

1. At its fixed data storage locations

2. At the virtual machine doing the processing

3. In transit from the fixed storage to the virtual machine

Because of this less-central setup, administrators need to consider security of the data not only in storage, but also while in transit and in use. This requires three things:

1. Access control lists to secure who gets access to what data and when – already SOP for most databases stored centrally, but now to include some off- site administrative personnel from the storage provider.

2. Encryption during transit to ensure that the data is secure during transit to and from the processing machine and the database’s storage location. In this case, the data should be treated as if it were being accessed by remote personnel even if the processing machine is on-site.

3. Encryption at storage, in order to ensure access by cloud services provider personnel is limited to data movement only to avoid giving them access to potentially sensitive information. This provides another level of security that may also give better compliance for many types of very sensitive data such as personally-identifiable information and financial information storage.

Conclusion

By taking steps to classify and securely transmit and store information, the database administrator and management are likely to find that they are in compliance with most of the requirements they have. Carefully securing contracts that hold location compliance requirements in mind and encrypting it when it is stored on servers you do not control, you also protect yourself from liabilities that could come from others’ gaining access through legitimate methods but without your authorization – namely the staff at the contracted storage facilities for your cloud services.

By Michael Dorf,

Michael Dorf is a seasoned software architect and instructor with a M.S. in Software Engineering and a dozen years of industry experience. He is a co- founder of LearnComputer (learncomputer.com), an IT/Open Source training school based in San Francisco Bay Area. Our one-day Big Data Overview course is designed for IT managers who need a fast track to Big Data solutions available on the market today.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

One Response to Steps To Secure Data In The Cloud

  1. Your paragraph on regulation is incorrect. In terms of Canada, BC and Nova Scotia have restrictions about government-controlled personal information, but that’s it.

Popular Archives

The History Of Back-Ups

The History Of Back-Ups

The History of Back-Ups There’s no doubt about it – we are spoilt. With external hard-drives, CDs, USB memory sticks, SD cards, online storage and multiple devices with vast memories we can save, access and back up our data more easily and more efficiently than ever before. (Image Source: Maxim Yurin, SoftLogica)  It’s not always been…

Three Factors for Choosing Your Long-term Cloud Strategy

Three Factors for Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

PaaS vs Docker – why is it such a heated debate?

PaaS vs Docker – why is it such a heated debate?

PaaS vs Docker Docker started as just a software container on top of a Linux operating system which seemed like a simple optimization for a fat hypervisor. Its disruptive force however comes from the fact that it does force us to rethink many of the layers of the cloud stack. Starting from the way we…

Cloud Infographic – The Internet Of Things In 2020

Cloud Infographic – The Internet Of Things In 2020

The Internet Of Things In 2020 The growing interest in the Internet of Things is amongst us and there is much discussion. Attached is an archived but still relevant infographic by Intel which has produced a memorizing snapshot at how the number of connected devices have exploded since the birth of the Internet and PC.…

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things

Monetizing Internet Of Things There are many interesting ways in which companies are looking to connect devices to the cloud. From the vehicles to kitchen appliances the internet of things is already a $1.9 trillion dollar market based on research estimates from IDC. Included is a fascinating infographic provided by AriaSystems which shows us some of the exciting…

Recent

Cloud Security Hottest Issue At RSA

Cloud Security Hottest Issue At RSA

Cloud Security Hottest Issue The integral integration of cyber security and cloud technology seemed to be the hottest issue at the busy RSA 2015 Conference in San Francisco. Interested parties packed security and cloud service booths for the duration of the conference. Several prominent publications covered the increased importance of securing their private information that’s…

Imperfect Security: The RSA Conference And The Illusion Of Safety

Imperfect Security: The RSA Conference And The Illusion Of Safety

The RSA Conference And The Illusion Of Safety This year’s 2015 RSA Conference is taking place from April 20th to 24th, in San Francisco, California. Here, security leaders from across the vast expanse of tech, politics, and more will gather to discuss the past, present, and future of security. From application security to technology infrastructure,…

The Lighter Side Of The Cloud – Day 5

The Lighter Side Of The Cloud – Day 5

By David Fletcher Are you looking to supercharge your Newsletter, Powerpoint presentation, Social media campaign or Website? Our universally recognized tech related comics can help you. Contact us for information on our commercial licensing rates. About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information.…

Contact Us

Sending

Technology Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7 200px-KPMG

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

CloudTweaks Comic Library

Advertising