Data stored in the cloud must be protected against unauthorized access and changes. The more secure and comprehensive the protection, the more data volume and variety can increase.
While articles on this topic abound, they are often quite confusing and fragmented, so I wanted to share a few ideas with you on the subject.
The lifecycle of data is a constant that can prove a particularly useful tool for any kind of cloud service. However, things can get complicated for certain lifecycle phases depending on the kind of service. Different data security methods are used for Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
life cycle of data: reference model
The lifecycle of data in a cloud breaks down into five major steps: data is transferred to the cloud, stored there, used, recovered and eventually destroyed. At each step, different access control and encryption measures can be taken to ensure data security.
the foundation: access control
Data access is controlled using authorization mechanisms: a person (or system/program) has to present his/her credentials in order to access data. All techniques, systems and means of controlling access fall under Identity and Access Management (IAM). As IAM is a very broad topic, I suggest we put it aside for now.
data transfer: everything’s under control
Sending data from a company’s internal systems to the cloud and retrieving it are the best-protected steps. The company can either encrypt data internally and then send it, or use transport layer security with encryption.
In the latter category, the Internet Protocol Security (IPsec) and Secure Sockets Layer (SSL) protocols are quite widespread. Combined with authentication based on asymmetric keys (public-key cryptography, for example), these protocols make it possible to transmit data to or from the cloud in total security. This is a comfort zone with existing standards and reliable, easy-to-use systems.
things get tricky with data storage
Once sent to the cloud, data is stored there. In the absence of any recognized standard, the use of encryption depends entirely on the service provider, and it is not always clear how their systems operate.
To ensure data remains available when stored in the cloud (as in BaaS – Backup as a Service), it is best to encrypt it before transfer. Cloud customers have to carry out this process on their own (or use tools made available by their service provider).
Obviously, in the case of SaaS, only the service provider can handle encryption; the end-user has a nearly non-existent role and therefore virtually no control. IAM is even more critical here than in the case of BaaS, where encryption can be performed at the source.
Though it may not be a walk in the park, there are several solutions available for "at rest" or stored data. The situation is even more complicated for data that needs to be used in the cloud.
no standards for data used in the cloud
No solution currently exists for data that must be used in the cloud where it is stored. Let’s take the example of a virtual machine (VM) deployed in an IaaS cloud. The VM uses a file system to store the operating system, applications and application data. Even if the file system is encrypted, the encryption keys have to be included in the VM for it to work. So if an attacker manages to recover the keys, he/she can access the data on the VM hard disk.
In this case, data security will depend on the access management measures put in place for external access and cloud administrators/users. Trusting your service provider thus becomes even more important when it is handling your VMs. The same goes for any cloud application (webmail, customer relationship management applications, document management, etc.).
encryption: a key ally in data destruction
Once data has been recovered from the cloud, it’s important to make sure that it disappears completely. You have to ask your service provider about its data deletion policies, resources, and procedures. However, doubt can still persist, which is when encryption can lend a helping hand.
Without the decryption key, pre-encrypted data is entirely worthless: so to destroy data, simply throw the encryption key away. This ensures that data remains inaccessible even if your cloud provider puts the key under the doormat without warning.
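The two ideas above (encrypt before transfer, then destroy data by discarding the key) can be sketched together. This is an added example, not code from the original post: the KeyStore type, its Seal, Open and Shred methods, the object name "backup-001" and the choice of AES-256-GCM are all assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyStore is a hypothetical in-memory stand-in for a key manager on the customer side.
type KeyStore map[string][]byte
var ErrShredded = errors.New("key destroyed: data is unrecoverable")

func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // cannot fail: stored keys are always 32 bytes
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Seal encrypts under a fresh per-object key, with id bound as associated data.
func (ks KeyStore) Seal(id string, plaintext []byte) ([]byte, error) {
	buf := make([]byte, 32+12) // 256-bit key followed by a 96-bit GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	ks[id] = buf[:32]
	// Appending to the nonce yields nonce||ciphertext, the only bytes uploaded.
	return aead(ks[id]).Seal(buf[32:], buf[32:], plaintext, []byte(id)), nil
}

func (ks KeyStore) Open(id string, blob []byte) ([]byte, error) {
	key, ok := ks[id]
	if !ok {
		return nil, ErrShredded // the key was discarded, so the blob is dead
	}
	if len(blob) < 12 {
		return nil, errors.New("blob shorter than nonce")
	}
	return aead(key).Open(nil, blob[:12], blob[12:], []byte(id))
}

// Shred forgets the only copy of the key, making every replica of the blob unreadable.
func (ks KeyStore) Shred(id string) { delete(ks, id) }

func main() {
	ks := KeyStore{}
	blob, _ := ks.Seal("backup-001", []byte("constructed sample record"))
	ks.Shred("backup-001")
	fmt.Println(ks.Open("backup-001", blob))
}
```

A production key manager would also have to erase its own backups of the key, since any surviving copy keeps the data recoverable.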
the importance of a trusted service provider
Methods for securing data in the cloud still leave much to be desired (except for those used during transfer). Until standards are developed and implemented by service providers, trusting your own provider is absolutely essential.
Trust is gained over time and must be maintained; rather than taking a giant leap into the unknown, I recommend that you choose a service provider you trust, who knows your needs and constraints. At the same time, never err on the side of blind trust. A tight contract and a meticulous, in-depth analysis of the provider’s security practices are required steps in the selection process.
Jean-François
PS: this post was originally published in French here.
Photo credit: © grinfen - Fotolia.com
Within the Orange Group security department, I am in charge of security monitoring and security awareness. Frankness, optimism and good humor are what drive me every day.