Your data, their cloud? Bring your own encryption keys

“Are you the Key Master?” “I am the Key Master, are you the Gate Keeper?” Those aren’t merely lines from the “Ghostbusters” movie, but the question IT has to ask more and more about protecting even encrypted data.

The goal of encryption is clear: To prevent unauthorized people from reading what they should not. Even if someone intercepts your messages or a cloud provider’s engineer opens your data stores, that encrypted data should be worthless without the key. Encrypted data must have a key (aka a cypher) to be unlocked.

Thus, protecting those keys — who has access to them — is the biggest challenge in safeguarding that data. Although your technology provider may offer tools to encrypt your data, you might need to do more to protect those keys and perhaps even bring your own.

To read this article in full or to leave a comment, please click here

from InfoWorld Cloud Computing


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s