Cloud storage offers the promise of infinite storage capacity without having to worry about power, space, cooling and upgrades. But despite these advantages, many data centers have concerns about putting their data in the cloud. The biggest and most consistently voiced concern is the lack of security. There are several security considerations storage professionals should be aware of to ensure safe cloud storage for their critical data.
Data security remains the top concern of organizations looking to leverage cloud storage -- and for good reason. Once an IT department decides to move data to the cloud, it is putting the proverbial crown jewels of the organization on someone else's storage and into someone else's facility. At that point, it seems as if data is at the mercy of the cloud provider selected to store it. But if the data is properly encrypted and the encryption technology is properly managed, that's not necessarily true.
All data transmitted to and stored in the cloud should be encrypted and most, if not all, cloud storage providers offer encryption. Encryption safely allows data from two different organizations to be stored in the same storage infrastructure, while ensuring that neither organization can read the other's data. For example, using encryption, two soda companies should be able to store their unique formulas on the same cloud storage provider’s storage with no risk of exposure.
Encryption is only the first step. Organizations must then understand how the encryption keys are stored and managed. Many cloud storage providers maintain ownership of the encryption keys. Doing so allows them to offer additional assistance to their customers in terms of managing data and processes like backup and recovery of that data.
While having the cloud storage provider manage the keys may make life easier for the subscribing organization, it creates some security challenges an organization needs to be aware of:
- A legal discovery request made against a cloud storage provider for subscriber data. This is probably the most disconcerting problem, as the cloud service provider is under obligation to deliver that data. The cloud storage provider does not need the consent of the subscriber to do so.
- Malicious intent of a cloud provider employee. It is entirely possible that a disgruntled cloud provider employee could erase or alter an organization's data without permission if the cloud provider is allowed to maintain key ownership.
- File deletion. In many cases, deleting a file does not actually erase the file. It simply means it is marked for erasure, which means it can be easily unmarked. In addition, many cloud solutions replicate data for geographic convenience and redundancy. These extra copies of data can remain available for a considerable period of time.
The solution to these threats is for the subscribing organization to own the keys and store them locally. That way, data can only be accessed from a site that has the keys. A legal discovery request sent to the cloud service provider is useless since all they could deliver is encrypted data. By owning the encryption keys, the subscribing organization can make its own business decision as to whether or not it will deliver data to a discovery request.
Without the keys, rogue employees would not be able to alter or delete data. In theory, they might be able to delete an entire volume, but that would typically require a much higher level of security that only a very few individuals within a cloud provider would possess.
Finally, owning the keys would ensure that information that was intentionally deleted would in fact be deleted. If a section of data needed to be erased permanently, the encryption key for that data could be destroyed. Even if the encrypted data were to reside on the storage system forever, it would be in its encrypted state and unreadable.
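The subscriber-owned-key model and key destruction described above can be sketched with Go's standard library. This is an added example, not code from the original article; `Store`, `Put`, `Get` and `Shred` are hypothetical names, an in-memory map stands in for the provider, and the object name is bound as associated data so stored blobs cannot be swapped for one another.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

type Store map[string][]byte // object name -> bytes (local key store, or provider)
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // errors when the key is missing (shredded)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Put seals data under a fresh per-object key; only nonce||ciphertext||tag is uploaded.
func Put(keys, cloud Store, name string, data []byte) error {
	buf := make([]byte, 32+12) // AES-256 key followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return err
	}
	aead, err := gcm(buf[:32])
	if err != nil {
		return err
	}
	keys[name], cloud[name] = buf[:32], aead.Seal(buf[32:], buf[32:], data, []byte(name))
	return nil
}

// Get fails once the key is shredded or if the provider's copy was altered.
func Get(keys, cloud Store, name string) ([]byte, error) {
	aead, err := gcm(keys[name])
	if blob := cloud[name]; err == nil && len(blob) >= 12 {
		return aead.Open(nil, blob[:12], blob[12:], []byte(name))
	}
	return nil, errors.New("no usable local key or stored blob for " + name)
}

func Shred(keys Store, name string) { delete(keys, name) } // provider copies remain, as ciphertext

func main() {
	keys, cloud := Store{}, Store{}
	err := Put(keys, cloud, "formula.txt", []byte("constructed sample secret"))
	Shred(keys, "formula.txt")
	_, gone := Get(keys, cloud, "formula.txt")
	println("upload ok:", err == nil, "readable after shred:", gone == nil)
}
```

A production key store would also have to destroy every backup of the key, which this in-memory sketch does not model.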
The challenge with owning the encryption keys is that all data management functions would have to be done by the subscribing organization since the provider would have no visibility into the data. Managing encryption keys means the organization has to make sure those keys are not lost or compromised. If they were lost, the data would be as inaccessible to the organization as it would be for anyone else. As a result, a well thought-out chain of custody should be established to ensure that those keys are never lost.
A final area of exposure that can compromise a safe cloud storage environment is as much a problem for traditional data centers as it is for cloud providers: authentication. No matter where the keys are stored, once a user is authenticated into the cloud, they generally have free access to that data. Managing who is logged in and where they are logging in from is critical.
Once data is encrypted and the keys are appropriately managed, data is as safe in the cloud as it is in most data centers. A large majority of cloud storage products encrypt data before it is transmitted and keep it encrypted when it is stored or at rest. With that reality, a case could be easily made to back up the claim that data is more secure at a cloud storage provider's location than it is in an organization's own data center. While authentication is a concern, and it also needs to be controlled and monitored, that is not uniquely a cloud storage problem.