Effective Encryption of Cloud Resources
As cloud infrastructure and services take over the corporate IT environment, sophisticated data breaches continue to increase in number. With the proliferation of off-premise IT infrastructure, it has become indispensable to fortify digital assets in the cloud. Going by the adage— security is only as strong as its weakest link—organizations must pinpoint and strengthen the weakest links in their security measures and programs to effectively thwart the possibilities of data leaks in the cloud.
Potential data loss can occur due to multiple reasons: unencrypted data in transit or at rest and unprotected encryption keys being the major ones. In case of data in transit—between cloud and on-premise or user devices, two different clouds, or two applications running on separate servers—encrypting the data is critical in making it difficult to intercept and breach. Hackers can also discern an easy entry to data at rest by illegally accessing the storage if the data is not encrypted. Failing to encrypt data with effective key protection and inadequate security of master keys are other important concerns that organizations are in dire need to address.
The question that arises is how should organizations confront these challenges to ensure a resilient security posture that can obstruct modern-day threats? Enforcing authenticated and authorized access to cloud data and encrypting sensitive data at all stages are crucial. IPSec and TLS are secure data communication technologies that ensure the safety of data while in transit. For data at rest, enterprises must implement a combination of file, database, disk, and enterprise-level encryption depending upon the location of the data. Deviating from traditional key protection processes and measures, organization IT should adopt alternative key protection solutions that are better suited for the flexible software-defined environment of the cloud.
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sergey Cherkasov, CIO, PhosAgro
By Pascal Becotte, MD-Global Supply Chain Practice for the...
By Stephen Caulfield, Executive Director, Global Field...
By Shamim Mohammad, SVP & CIO, CarMax
By Ronald Seymore, Managing Director, Enterprise Performance...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
By Jim Whitehurst, CEO, Red Hat
By Clark Golestani, EVP and CIO, Merck
By Scott Craig, Vice President of Product Marketing, Lexmark...
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
By Amit Bahree, Executive, Global Technology and Innovation,...
By Greg Tacchetti, CIO, State Auto Insurance