Why you need to encrypt data in the cloud

Making the Most out of Data Encryption in the Cloud
Who has access to your data in the cloud?

The move by large US cloud providers to upgrade their encryption levels speaks to the relevance of data encryption in the cloud for securing sensitive data and complying with data privacy regulations worldwide.

Encryption isn't a yes-or-no, cut-and-dried matter. Once you've committed to encrypting your data, you must then figure out how, to what extent, and which data to encrypt. Keep these guidelines in mind as you develop your cloud encryption strategy.

Realise you have options for encryption

Not all your data will require encryption in the cloud, nor should it. That would be an expensive and ultimately counter-productive undertaking. Nor should all your data be encrypted in the same way.

What works for names may not work as well for social security numbers; for functionality's sake, credit card numbers may need their formats preserved in ways that mailing address information does not.

Because of these conditions, your cloud encryption solution should provide a variety of options, including:

  • Index tokens and pads, which replace data with cryptographic tokens or encrypt and decrypt them using single-use, randomly generated private keys.
  • Strong cryptography, which PCI defines as encryption based on "industry-tested and accepted algorithms," for example AES, used in conjunction with strong key lengths and proper key management practices.
  • Data storage life cycle management: encryption in the cloud can only be considered truly secure and effective if it persists throughout the life cycle of the data stored in the cloud.

But when it comes to data stored by a third-party cloud service provider (CSP), how can you truly know the life cycle of your data?

Uncertainties surrounding archive, backup and the timely deletion of data, either on your schedule or upon your request, make determining the life cycle of information stored in the cloud a difficult affair. To get around this issue, you need to make sure that no matter how long your data lives in the cloud, your organisation is the only one that holds the keys to it – and therefore is the only one that can access it.

That way, when you've decided that the time has come to destroy your data, all you need to destroy is your key. Deleting that key will "digitally shred" your data, rendering it useless to prying eyes no matter how long it exists in the cloud.
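The index tokens, single-use pads and key-deletion shredding described above, as an added Python sketch that is not from the original article or any vendor's product. `LocalKeyStore`, the `cloud` dict and the sample values are constructed assumptions; the pad gives confidentiality only and must be as long as the data it protects.

```python
import secrets

class LocalKeyStore:
    """Customer-side store (hypothetical): pads and token map never reach the CSP."""

    def __init__(self):
        self._pads = {}    # record_id -> single-use random pad
        self._tokens = {}  # index token -> original value

    def tokenize(self, digits: str) -> str:
        """Swap a digit string for a random token of the same length and format."""
        while True:
            token = "".join(secrets.choice("0123456789") for _ in digits)
            if token != digits and token not in self._tokens:
                self._tokens[token] = digits
                return token

    def detokenize(self, token: str) -> str:
        return self._tokens[token]

    def encrypt(self, record_id: str, plaintext: bytes) -> bytes:
        if record_id in self._pads:
            raise ValueError("a pad is single-use; shred the old record first")
        pad = secrets.token_bytes(len(plaintext))  # as long as the data
        self._pads[record_id] = pad
        return bytes(p ^ k for p, k in zip(plaintext, pad))

    def decrypt(self, record_id: str, ciphertext: bytes) -> bytes:
        pad = self._pads.get(record_id)
        if pad is None:
            raise KeyError(f"{record_id}: key destroyed, ciphertext is unrecoverable")
        return bytes(c ^ k for c, k in zip(ciphertext, pad))

    def shred(self, record_id: str) -> None:
        """Digital shredding: drop the only copy of the key."""
        self._pads.pop(record_id, None)


def demo():
    keys, cloud = LocalKeyStore(), {}       # `cloud` stands in for CSP storage
    cloud["ssn"] = keys.encrypt("ssn", b"078-05-1120")   # constructed sample
    cloud["card"] = keys.tokenize("4111111111111111")    # constructed test number
    readable = keys.decrypt("ssn", cloud["ssn"])
    keys.shred("ssn")                       # CSP copies and backups still exist
    try:
        keys.decrypt("ssn", cloud["ssn"])
        shredded = False
    except KeyError:
        shredded = True
    return readable, shredded, cloud["card"], keys.detokenize(cloud["card"])
```

The in-memory dictionaries only model who holds the key; in practice that role belongs to a key manager or HSM under your organisation's control.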

As researchers discussed in the International Journal of Engineering and Advanced Technology, storing data in the cloud results in security risks since "the cloud data can be accessed by everyone."

The researchers then note that "a prevention measure is needed to secure the data from unauthenticated users or intruders." Encryption in the cloud alone may not fully mitigate these risks, either, since any CSP insider with the encryption key can access the data.

What does this all mean?

To start, fully secure your data by encrypting confidential information in the cloud in the appropriate manner for the designated fields. As an additional security control, exclusively retain the keys.

You must also ensure that whoever holds the encryption keys in your own organisation is justified in having access. For that reason, a granular data access control policy is a must.

As you look for ways to implement effective encryption in the cloud to secure your data and ensure regulatory compliance, make sure your cloud information protection program includes these critical elements.

Without them, your data's about as safe as a fortune stored in a vault to which too many people have the keys.

  • Paige Leidig has 20 years of experience in technology, marketing, and selling enterprise application solutions and managing trusted customer relationships. As SVP of Marketing, he is responsible for all aspects of marketing at CipherCloud.