For the first time ever, we are seeing that more enterprises are moving more workloads to the cloud than their data centres.ย With these new applications, they are also sending sensitive data to the cloud, and, in some cases, ignoring the risk of that data being compromised.
In fact, today, nearly two-thirds of enterprises are using SaaS applications, while the percentage of workloads deployed to the cloud is expected to rise from 41 percent to 60 percent in the next two years. And itโs not hard to understand why; cloud services eliminate the need for internal infrastructure, maintenance and support, improve productivity and ultimately reduce costs.
However, where there are rewards, there are also risks. As information moves to the cloud, data may be under an organisationโs logical control but it will physically reside in infrastructure owned and managed by another entity. And this is cause for concern for many within the business community. In addition to an overwhelming fear that their cloud data could suffer a security breach, the majority of organisations in our most recent Data Threat Report revealed that they were concerned over shared infrastructure vulnerabilities and also a lack of control over where data is processed and stored in the cloud.
Curbing the fears
Of course, cloud and SaaS providers can use encryption to protect an organisationโs sensitive data stored in the cloud. And, at a point when data breaches are at an all-time high, such security measures have never been more important. If we are to learn anything from the various cyber-attacks on high profile organisations over the past few years, itโs that hackers are after one thing: data. Protecting it using encryption is critical to ensure that any data is rendered useless to anyone other than its owner.
However, this is just one part of the puzzle. Encryption alone is not enough – access control and key management can also prove to be weak points in a providerโs defences. So, to recap the benefits of cloud computing confidently, an organisation must have full control over its data โ and the keys that protect it. Keys represent trust, and their secrecy and integrity determine whether that trust can be relied upon.
[easy-tweet tweet=”โbring your own encryption keyโ identified as the most popular way to secure data in the cloud” hashtags=”BYOK, Cloud”]
Keeper of the keys
To acknowledge this trust balance, we have seen rising popularity in businesses managing and controlling their own encryption keys. In fact, the โbring your own encryption keyโ (BYOK) concept was identified as the most popular way to secure data in the cloud, according to our 2017 Data Threat Report. Whatโs more, when it comes to the security techniques and solutions organisations are planning to implement next year, encryption with BYOK topped the list.
Clearly, this is a trend not to be taken for granted. As such, almost all the major cloud providers from Microsoft to AWS now offer BYOK capabilities. Google, for example, have all enabled a BYOK strategy for their Cloud customers to generate, protect and supply their encryption keys to the cloud using an on-premise hardware security module (HSM), allowing them to securely move more workloads to the cloud.
Furthermore, while most organisations want to take advantage of the public cloud, many are faced with resistance when migrating workloads containing sensitive data due to strict security standards that support internal policies or regulatory compliance. These requirements, however, are often overcome when encryption and customer controlled keys can prove to auditors that the enterprise is the custodian of the encryption keys and, consequently, the data they protect.
Taking control
While only 35 percent of global organisations either currently implement or have plans to implement BYOK encryption as part of their overall data security strategy, we can be certain that, as more businesses move sensitive data to cloud against a backdrop of an ever more precarious threat landscape, this number will only increase.
So whether your organisation is adopting a public, private or hybrid strategy, ensuring confidentiality and security of data has to be at the top of your agenda. We only have to recall the numerous data breaches on high-profile organisations โ from Yahoo to Ashley Madison – to understand the devastating impact of valuable data being hacked and leaked online. As more organisations focus on moving their sensitive data and applications to the public cloud, now is the time to take control, hold the keys to your castle and protect your data – even when it is physically out of reach.
Peter Galvin, Vice President of Strategy,Thales e-Security