The reduced costs of cloud computing require enterprises to consider it seriously, while its risks make it a difficult proposition for many – a dynamic that frames a critical encryption key management use case.
The economic realities for almost any type of data processing or data storage make an irrefutable case for migrating to the cloud. This is only the latest instance where data processing aggregators can reduce the item costs through scale. Allocating fixed costs across a broader base reduces how much has to be allocated to each item. Volume, current and anticipated, financially justifies making large lot purchases of needed technology, hardware and software, yielding increase negotiating leverage with vendors. Both the scale and the leverage reduce the variable costs, compared to what any individual customer can achieve internally (outside of the very largest, top 1-2%). Those that delay or refrain from taking advantage of cloud computing’s economies are operating at a financial disadvantage with competitors who do take advantage of it. This was true when I started in technology, a time when time sharing on mainframe computers in centralized data centers was the start of the art, and remains true now.
Setting Microeconomics 101 aside, other realities intersect and interfere. Once data moves from an enterprise into a multi-tenant shared compute space managed by third party system administrators and engineers, ensuring the privacy of sensitive data becomes difficult to guarantee. It is implicit that unprotected “clear text” data sent to the cloud, whether for processing or for storage, is available for inspection, copy, even alteration by employees of the cloud provider. Regardless of the SAS 70 or SSAE 16 audit report attestations that a cloud provider may offer, there will always be a tangible residual risk of fraudulent actions by their staff. Even when the cloud provider states they encrypt all the data they host, some number of system administrators and others at the provider have access to the decryption keys – they have to, so data can be decrypted when the owners need it back.
For an enterprise to commit any sensitive data to the cloud, it must be protected to mitigate the risk of fraud. Current consensus best practice is to encrypt the data before it goes to the cloud, and ensure that neither the cloud provider nor any of its staff has access to the decryption keys. The scenario describes one of the highest profile encryption key management use cases in the minds of executives today. The workflow is straight forward enough for data that will be stored at rest in the cloud (“the great storage parking lot in the cloud”), and can be done with tools as simple as common GUI or command line archiving utilities like ZIP and RAR. The issue gets to be more complex with the more economically beneficial use case of computing in the cloud.
Both IaaS and PaaS offer elastic, on-demand access to computing capacity, frequently with a pure pay-for-what-you-use model – it can be an excellent alternative to maintaining the hardware, software licenses, and staff expertise required to support processing in-house. However, when the data processed in the cloud includes payment card data (see our PCI compliance checklist for an expansion), private health information (PHI -- see an expanded definition at the bottom of this page), employee data subject to both HIPAA and safe harbor regulation, and the like, the enterprise desiring to use cloud computing faces obstacles. To gain the advantages of the cloud benefits of scale, they must create or obtain the means to 1) ensure the sensitive data is always encrypted as it is sent to and while in the cloud, except when explicitly needed to complete a processing step, and 2) deploy this capability in such a manner as prevent the cloud provider from ever having access to the decryption key. Successfully deploying an encryption key management solution addressing this need stands to unlock millions of dollars in cost reductions for data-intensive enterprises processing sensitive or regulated data.
Look for the next entry in this series next week, when I discuss the implications that national security has on this same circumstance.
For an excellent analysis of cryptographic key management issues and potential solutions, click on the image below to hear authoritative data security analyst, Adrian Lane, offer this perspectives.