Enterprise adoption of multiple cloud platforms continues in earnest, whether its aimed at improving collaboration, reducing data center footprint, increasing customer response times, or any number of other business goals. As organizations advance their multi-cloud strategies, they are tasked with applying consistent security configurations across workloads and applications. They must also implement data protection that addresses todays threat vectors and aligns with stringent compliance and audit requirements.
Encrypting cloud data is essential to protecting sensitive information and workloads but it needs to be done correctly to be effective and meet compliance mandates. A recent report from Forrester, Best Practices: Cloud Data Encryption, articulates several important recommendations, notably:
These security measures are critical to protecting your cloud data and workloads, and its vital to get them right from the outset.
Multi-cloud computing is here to stay and so are the complexities associated with protecting your data and workloads.
Administrative challenges of managing cloud environments
While cloud service providers continue to enhance their built-in security capabilities, the teams tasked with managing cloud environments face a constant battle to fine-tune their configurations and permissions. As exemplified by numerous data breaches over the past few years, misconfigured cloud storage settings are a common, yet often unidentified, trouble spot.
Each cloud platform is unique and, even if you manage to get a handle on who has access to which data and workloads, keeping up with providers updates and new controls requires constant vigilance. And as the shortage of skilled security professional persists including those with expertise working across multiple cloud platforms these challenges arent going away.
Identifying and implementing the right security controls is one challenge, while demonstrating compliance with data privacy regulations and industry mandates is another. Security teams cite specific concerns about being able to verify controls and how to report compliance in an auditor-approved format.
As compliance and audit requirements continue to get more stringent, nearly every enterprise is now subject to at least one mandate that calls for the use of data encryption. And as the Forrester report discusses, data encryption is a must-have for cloud workloads. This necessary security measure comes with its own administrative upkeep that can be difficult to handle without the right tools in place.
Cloud data encryption: Getting it right
Workloads go through many lifecycles, from staging to deployment to backup, and eventually have to be securely decommissioned. Each stage poses different risks of potential data theft or other misuse. Managing workload encryption from each clouds management platform is complex and further increases the risk of inconsistent policies and mistakes.
Additionally, an encryption strategy that aligns with compliance mandates requires robust key management. Unfortunately, key management is not universal across cloud platforms so the security team must contend with key storage, distribution, rotation, and revocation in multiple environments.
Whats more, when encryption keys are not completely separated from the workloads and data they protect, the potential exists for a security incident that compromises both, leaving data exposed to a breach. Best practices call for the use of certified HSMs to protect your encryption keys.
Entrust can help
Entrust offers a robust set of security solutions to help you protect workloads and data across your multi-cloud infrastructure, including enhanced protection of your encryption keys that supports compliance with data privacy mandates.
The post The adoption of multi-cloud drives the need for better data protection and management of encryption keys and policy controls appeared first on Entrust Blog.
*** This is a Security Bloggers Network syndicated blog from Entrust Blog authored by Jim Delorenzo. Read the original post at: https://blog2.entrust.com/blog/2021/08/the-adoption-of-multi-cloud-drives-the-need-for-better-data-protection-and-management-of-encryption-keys-and-policy-controls/
- WhatsApp rolls out encryption for chats backed up in the cloud - Mashable - October 17th, 2021
- WhatsApp now lets users encrypt their chat backups in the cloud - TechCrunch - October 17th, 2021
- Meet the Alliance for Encryption in Latin America and the Caribbean - EFF - October 17th, 2021
- Apples plan to scan images will allow governments into smartphones - The Guardian - October 17th, 2021
- WhatsApp to bring in encryption for backup chats after privacy fears - The Guardian - October 15th, 2021
- WhatsApp end-to-end encrypted backups are rolling out on both Android and iOS - GSMArena.com news - GSMArena.com - October 15th, 2021
- Encryption: Why security threats coast under the radar - Philstar.com - October 15th, 2021
- Encryption Management Solutions Market 2021 : Industry Analysis ,Size, Share, Revenue, Prominent Players, Developing Technologies, Tendencies and... - October 15th, 2021
- TLS Support Redis - October 12th, 2021
- Signal >> Documentation - October 12th, 2021
- Encryption Consulting announces their first-ever virtual conference - "Encryption Consulting Virtual conference 2021." - Tyler Morning... - October 12th, 2021
- [Update: Rolling out] WhatsApp adds end-to-end encryption for Android cloud backups - 9to5Google - October 12th, 2021
- Homomorphic Encryption Market New Coming Industry to Witness Great Growth Opportunities in Coming Years From 2021 to 2027: Microsoft (US), IBM... - October 12th, 2021
- SmartKargo Incorporates EDIfly Advanced Aviation Messaging At No Cost for Customers of its E-Commerce Logistics Solution - Yahoo Finance - October 12th, 2021
- No outages, no data leaks: The new WhatsApp killer built on the blockchain creates privacy-focused encrypted messenger - Cointelegraph - October 12th, 2021
- Mosyle's $ 16M Series A Drives Growth by Launching the Mosyle Business with the Market's First Encrypted DNS Filtering and Security Solution -... - October 6th, 2021
- Tips to Secure and Encrypt your WIFI Network Security - H2S Media - October 6th, 2021
- Data Encryption Standard (DES)? - All You Need to Know | Techfunnel - TechFunnel - October 4th, 2021
- XSOC CORP Recognized by CyberSecurity Breakthrough Awards Program for Overall Encryption Solution of the Year - Business Wire - October 4th, 2021
- Encryption: Why security threats coast under the radar - Express Computer - October 4th, 2021
- Hardware Encryption Devices Market 2021 Technology Development, Key Manufacturers, Forecast Based on Major Drivers and Trends Up to 2027 - Digital... - October 4th, 2021
- Container security without governance is neither secure nor governed - The Register - October 4th, 2021
- Sectigo Certificate Manager Wins 2021 CyberSecurity Breakthrough Award for Overall Encryption Solution Provider of the Year - PRNewswire - October 4th, 2021
- Customs and Border Protection Signs Major Contract With Amazon-Owned Encrypted Chat App Wickr - Gizmodo - October 4th, 2021
- Encryption cant be used as excuse to deny sharing details to law enforcement: Govt - The Financial Express - October 4th, 2021
- Facebook announces WhatsApp end-to-end encrypted (E2EE) backups - Techiexpert.com - TechiExpert.com - October 4th, 2021
- Bluefin Issues New Payment Security Brief on PCI-validated P2PE for Petroleum and Convenience Stores - PR Web - October 4th, 2021
- Get a lifetime of easy, automatic encryption for all of the files on your computer for just $30 - ZDNet - September 24th, 2021
- Tide encryption is ready to end the cyber breach pandemic - TechCrunch - September 24th, 2021
- The FBI has kept the presence of the encryption key secret from Casey for three weeks. - Cheraw Chronicle - September 24th, 2021
- Braves non-tracking, browser-based video conferencing tool is out of beta - TechCrunch - September 24th, 2021
- 5 ways to stay ahead of government-targeted ransomware - GCN.com - September 24th, 2021
- Encryption Software Market expectation surges with rising demand and changing trends by industry analysis through 2026 Stillwater Current -... - September 24th, 2021
- What Is a Hardware Security Module? HSMs Explained - Hashed Out by The SSL Store - September 24th, 2021
- Making the Most from WEP - Wi-FiPlanet.com - Wi-Fi Planet - September 24th, 2021
- Brave, the startup behind untracked browser-based video conferencing tool is out of beta - Security News - BollyInside - September 24th, 2021
- Hardware Encryption Devices Market Is Expected To Witness Healthy Growth At A CAGR Of More Than 40% - Herefordshire Live - Herefordshire Live - September 24th, 2021
- WhatsApp launches encryption in iCloud and Google Drive backups - InTallaght - September 24th, 2021
- WhatsApp boosts end-to-end encryption - BusinessTech - September 17th, 2021
- WhatsApp to offer encryption on cloud backups: Heres all you need to know - India Today - September 17th, 2021
- London's Top Cop Says 'Big Tech,' Encryption Are Letting The Terrorists Win - Techdirt - September 17th, 2021
- Zoom unveils new security features including end-to-end encryption for Zoom Phone, verified identities and... - ZDNet - September 15th, 2021
- Insights on the Hardware Encryption Global Market to 2026 - by Algorithm & Standard, Architecture, Product, Application and Region - PRNewswire - September 15th, 2021
- Light Start: WhatsApp rolls out backup encryption, LG is more attractive, Google goes dark and iPhones only laak gud vaabs Stuff - Stuff Magazines - September 15th, 2021
- Revenant REvil. WhatsApp offers encryption. Hortum spyware in Turkey. Update on the UN data breach. Healthcare breaches disclosed. - The CyberWire - September 15th, 2021
- How a glitch in the Matrix led to apps potentially exposing encrypted chats - The Register - September 15th, 2021
- Secure cloud storage: which are the most secure providers? - ITProPortal - September 15th, 2021
- WhatsApp is finally allowing users to encrypt chat backups uploaded to iCloud and Google Drive - Buzz.ie - September 15th, 2021
- WhatsApp is adding encrypted backups - The Verge - September 11th, 2021
- What Is Fully Homomorphic Encryption (FHE)? - CIO Insight - September 11th, 2021
- WhatsApp end-to-end encrypted messages arent that private after all - Ars Technica - September 11th, 2021
- UK government backs Apple, and wants to scan encrypted messages for CSAM - 9to5Mac - September 11th, 2021
- VPN and Email Encryption Provider, WiTopia, Inc., Is Now Raising Capital Via StartEngine - PRNewswire - September 11th, 2021
- Future in the cloud for encryption - Capacity Media - September 8th, 2021
- WhatsApps Claims Of End-To-End Encryption Might Be Entirely True - Ubergizmo - September 8th, 2021
- Debunking Wi-Fi Security Myths: Wi-Fi Encryption Is Weak - TechSpective - September 8th, 2021
- WhatsApp Flaw Casts Doubt on End-to-End Encryption - Security Boulevard - September 8th, 2021
- Bluefin Receives U.S. Patent on Systems for Vaultless Tokenization and Encryption - WFMZ Allentown - September 8th, 2021
- Priti Patel backs ad campaign that criticises Facebook's stance on end-to-end encryption - Graham Cluley Security News - September 8th, 2021
- EXCLUSIVE: What's in the new zero-trust strategy - Politico - September 8th, 2021
- 3 ways to protect yourself from cyberattacks in the midst of an IT security skill shortage - Help Net Security - September 8th, 2021
- Apple Has Betrayed Its Privacy Legacy and Will Undermine End-to-end Encryption Everywhere - Privacy News Online - September 8th, 2021
- IBM's first 7nm Power10 chip arrives in E1080 server system with a wealth of shiny features - The Register - September 8th, 2021
- Cryptomator Vs. BoxCryptor: Which One Is The Best Encryption Software? - Analytics Insight - August 26th, 2021
- Why you should encrypt your data on your computer and how to do it - The Star Online - August 26th, 2021
- Video end-to-end encryption on Ring to be available worldwide - ITP.net - August 26th, 2021
- What is a Vocoder? How an audio encryption device used in WW2 became the sound of electro and modern pop - Mixdown - August 26th, 2021
- Privacera partners with StreamSets to strengthen data security for ETL processing in the cloud - Help Net Security - August 26th, 2021
- R400m cocaine-in-a-boat accused used encryption app to communicate - TimesLIVE - August 26th, 2021
- Evervaults encryption as a service is now open access - TechCrunch - August 24th, 2021
- How to Encrypt Your Own Windows and Mac Devices (and Why You Need To) - Lifehacker - August 24th, 2021
- Why encryption is the key to digital fitness, according to Thales - iTnews - August 24th, 2021
- How to check each of your WhatsApp chats are ACTUALLY private right now and not being intercepted by h... - The Sun - August 24th, 2021
- WebCam: How Australia paved the way for Apple's encryption backflip - Crikey - August 24th, 2021
- Staggering 400% rise in child sexual abuse images detected by Facebook as fears over encryption plans g... - The Sun - August 24th, 2021
- Hardware-based Full Disk Encryption Market 2021 and Analysis to 2027 Micron Technology Inc, Seagate Technology PLC, Toshiba, Intel - The Market... - August 24th, 2021
- WhatsApp could soon have an iPad app for the first time - Engadget - August 24th, 2021
- Facebook is bringing end-to-end encryption to Messenger calls and Instagram DMs - TechCrunch - August 14th, 2021
- Apple opens the encryption Pandora's box - Axios - August 14th, 2021
- How to encrypt your computer (and why you should) - Mashable - August 14th, 2021