How To Protect Data At Your Cloud Service Provider?

How To Protect Data At Your Cloud Service Provider?

How To Protect Data

Some of the world’s largest companies today operate entirely from the cloud or at least have a major portion of their services outsourced to a cloud environment. This trend is exponentially growing – as well know it. With cloud data storage pricing at all time with downward trends, how can you resist the temptation of not using cloud based data storage services? There are, however, shortcomings to this transition, and security concerns tops the list as the most commonly cited.

History-Data-Storage

Cloud storage, as the name suggests, primarily refers to the increasingly prevalent on-line storage services hosted at the cloud. There is potentially infinite storage capacity, redundancy, high availability, and stable performance offered by the cloud today. For instance, Amazon Web Services (AWS) offers cloud storage ranging from general data storage and backup of web databases. For corporations and users alike, using cloud based technologies provide ease of access, virtually no downtime or server crashes, non-existent application accessibility issues, etc.

In lieu of many alluring advantages of cloud computing, it also brings new security challenges; in particular, reliability, integrity, and privacy of data, since no direct control is available. While data security and confidentiality can be ensured by means of encryption and tokens, integrity of data remains a blurry task.

After data is moved to the cloud, for example, you essentially relinquish ultimate control over the data, which is now entirely managed by the cloud service provider. Scary thought as it may be, it is essential for you to be able to verify that your valuable data is still available at the cloud in its original form and is ready for retrieval when necessary. How do you know if your data is not corrupted, deleted or modified or moved from one server or another at the behest of your cloud service provider?

As a thought, one possibility for assuring high availability of outsourced data is through simple replication to other service providers, but this adds to your costs. Another option is to periodically review your data and have a workflow in place to retrieve data for verification purposes – similar to conducting audit checks. Nevertheless, both of these options are not that appealing. To mitigate these problems, a widely utilized approach is to employ a challenge-response mechanism.

A challenge response mechanism is basically a family of protocols in which one person sets a challenge, and person on the other end must provide a valid response or answer, thus completing the challenge. The main objective of this framework is that if cloud service provider stores incomplete or incorrect data will be unable to respond to the challenges correctly, allowing you to detect anomalies.

Another robust approach should be able to support an unbounded number of audit protocol interactions to ensure that the server’s misconduct at any time will be detected. In cloud storage, support for dynamic data operations can be of vital importance to both remote storage and database services. Most of the times, while conducting integrity verification of data, you may not be able to perform integrity check yourself, or members of your team may lack the necessary expertise, in that case, setting up an audit server might just do the trick for you.

The auditing server is a reliable and independent entity that challenges the cloud service provider on behalf of the clients and assures correctness of data storage, while not learning any information contained in the stored data. For improved efficiency, the auditing server could also perform batch auditing during which it simultaneously processes auditing requests from multiple users.

By Syed Raza

Sorry, comments are closed for this post.

Comics
What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about three hours of service outage. The attack was orchestrated using a botnet of connected devices including a large number of webcams…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully select migration vendors to help you get there. All that remains is following the plan, right? Everything going well, your…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy and the way they were clearly leveraging the world of social, mobile analytics and cloud. So I mentioned to our…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping for the best. On the flipside, opening the hood and checking if policies or regulations are being respected means you…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards. It’s getting worse: McKinsey in conjunction with the World Economic Forum have estimated that failing cyber security approaches could have…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago. The market persevered, weathering the “end of perimeter security” claims and adapting to become more flexible and dynamic, reaching beyond…

Is Machine Learning Making Your Data Scientists Obsolete?

Is Machine Learning Making Your Data Scientists Obsolete?

Machine Learning and Data Scientists In a recent study, almost all the businesses surveyed stated that big data analytics were fundamental to their business strategies. Although the field of computer and information research scientists is growing faster than any other occupation, the increasing applicability of data science across business sectors is leading to an exponential deficit between supply and demand. When a 2012 article in the Harvard Business Review, co-written by U.S. chief data scientist…

Cyber Criminals Are Business People Too

Cyber Criminals Are Business People Too

Cyber Crime Business You’re on the morning train on the way to work and take a look at the guy next to you. He’s clean-cut, wearing a crisp suit and holding a leather briefcase just like dozens of others. Just another worker headed to the office, right?. Yes, but not in the way you think he is. That person is going to work but rather than creating reports and spreadsheets, he’s part of a criminal…

Digital Identity Trends 2017 – Previewing The Year Ahead

Digital Identity Trends 2017 – Previewing The Year Ahead

Digital Identity Trends 2017 The lack of security of the Internet of Things captured public attention this year as massive distributed denial of service attacks took down much of the internet. The culprits? Unsecured connected devices that were easily accessed and manipulated to do the bidding of shadowy hackers. When you can’t access Netflix anymore, cybersecurity is suddenly a dinner table conversation. Looking forward to 2017, we expect security to continue to be a point…