The adoption of multi-cloud drives the need for better data protection and management of encryption keys an… – Security Boulevard

Enterprise adoption of multiple cloud platforms continues in earnest, whether its aimed at improving collaboration, reducing data center footprint, increasing customer response times, or any number of other business goals. As organizations advance their multi-cloud strategies, they are tasked with applying consistent security configurations across workloads and applications. They must also implement data protection that addresses todays threat vectors and aligns with stringent compliance and audit requirements.

Encrypting cloud data is essential to protecting sensitive information and workloads but it needs to be done correctly to be effective and meet compliance mandates. A recent report from Forrester, Best Practices: Cloud Data Encryption, articulates several important recommendations, notably:

These security measures are critical to protecting your cloud data and workloads, and its vital to get them right from the outset.

Multi-cloud computing is here to stay and so are the complexities associated with protecting your data and workloads.

Administrative challenges of managing cloud environments

While cloud service providers continue to enhance their built-in security capabilities, the teams tasked with managing cloud environments face a constant battle to fine-tune their configurations and permissions. As exemplified by numerous data breaches over the past few years, misconfigured cloud storage settings are a common, yet often unidentified, trouble spot.

Each cloud platform is unique and, even if you manage to get a handle on who has access to which data and workloads, keeping up with providers updates and new controls requires constant vigilance. And as the shortage of skilled security professional persists including those with expertise working across multiple cloud platforms these challenges arent going away.

Demonstrating compliance

Identifying and implementing the right security controls is one challenge, while demonstrating compliance with data privacy regulations and industry mandates is another. Security teams cite specific concerns about being able to verify controls and how to report compliance in an auditor-approved format.

As compliance and audit requirements continue to get more stringent, nearly every enterprise is now subject to at least one mandate that calls for the use of data encryption. And as the Forrester report discusses, data encryption is a must-have for cloud workloads. This necessary security measure comes with its own administrative upkeep that can be difficult to handle without the right tools in place.

Cloud data encryption: Getting it right

Workloads go through many lifecycles, from staging to deployment to backup, and eventually have to be securely decommissioned. Each stage poses different risks of potential data theft or other misuse. Managing workload encryption from each clouds management platform is complex and further increases the risk of inconsistent policies and mistakes.

Additionally, an encryption strategy that aligns with compliance mandates requires robust key management. Unfortunately, key management is not universal across cloud platforms so the security team must contend with key storage, distribution, rotation, and revocation in multiple environments.

Whats more, when encryption keys are not completely separated from the workloads and data they protect, the potential exists for a security incident that compromises both, leaving data exposed to a breach. Best practices call for the use of certified HSMs to protect your encryption keys.

Entrust can help

Entrust offers a robust set of security solutions to help you protect workloads and data across your multi-cloud infrastructure, including enhanced protection of your encryption keys that supports compliance with data privacy mandates.

The post The adoption of multi-cloud drives the need for better data protection and management of encryption keys and policy controls appeared first on Entrust Blog.

*** This is a Security Bloggers Network syndicated blog from Entrust Blog authored by Jim Delorenzo. Read the original post at:

View post:
The adoption of multi-cloud drives the need for better data protection and management of encryption keys an... - Security Boulevard

Related Post

Comments are closed.