Page 7 - CDM-Cyber-Warnings-March-2014
P. 7
With the introduction of virtualization and transformation in how security is deployed, next- generation data encryption solutions optimized for the cloud have emerged, allowing cloud providers and managed service providers (MSP) to offer Encryption as-a-Service (EaaS). This new offering provides all organizations with a simple and effective way to secure their sensitive cloud data. Encrypting data in the cloud can help companies address a broad range of concerns by protecting data from unwanted eyes and internal and external data theft as well as providing a realistic way to destroy your data. EaaS use cases are quite numerous with examples including: securing hosted virtual desktops and associated user data; securing content repositories such as MS SharePoint; protecting the integrity of boot volume images; encrypting critical workgroup files, folders; and securing entire application stacks in very sensitive work environments. Whatever the case may be, the concept of EaaS offers an elegant and effective solution to segregate and protect data in a multi-tenant cloud architecture. Offering Encryption as a Service Although there are many technical approaches, typically EaaS involves the cloud service provider deploying a virtual storage encryption appliance that logically resides between the customer’s application and/or workload and cloud providers physical storage array. Provisioning and deployment is easy as customers merely need to mount the storage encryption appliance as the target storage location using standard interfaces such as NFS, CIFS & iSCSI. Vital to success in encryption is the key control as the key manager ultimately determines who has access to the encrypted data. Best practices place encryption and security keys in the hands of the data owner and not the cloud provider. More mature EaaS offerings offer the ability for the customer to extend data encryption to secure workloads in other parts of their cloud, including the private data center or even other public cloud instances. As a result, the customer has full control over their data wherever it may be hosted throughout their hybrid cloud. EaaS provides cloud customers a simple data security solution that solves some of the top hesitations associated with moving enterprise workloads to the cloud. Essentially, by instilling trust and removing barriers, EaaS becomes a cloud-enabler. For cloud service providers, the technology enables new value-added services to be offered on top of existing as-a-Service offerings, driving new revenue streams and providing competitive differentiation from other service providers in a crowded marketplace. " # % " $ " # ! !