Encryption key management critical for cloud security

April 23, 2012

When asked to identify the primary obstacle preventing their organization from committing more of its infrastructure to cloud services, IT professionals typically answer "security." Ever since its creation, people have harbored cybersecurity concerns regarding the nature of the cloud. After all, when an organization uses cloud services, it stores its data on a third party's servers, which strikes many as less secure than traditional forms of data storage.

However, as many security professionals now realize, cloud computing services are not inherently any less secure than older network forms - they simply require different precautions.

As two computer security professionals recently highlighted, one of the key precautions that companies should take when preparing their system for a shift to the cloud is encryption key management.

The keys to cloud security

Writing for Sys-Con, Dan Ariel states that industry experts widely agree that encryption is an essential component of cloud security. Only by encrypting the data stored on the cloud can an organization safeguard its information in the event that a hacker somehow accesses its files.

However, as Ariel points out, encrypted data is only secure if the keys that unlock it are also protected. If the encryption keys are stored along with the encrypted data, then any hacker who accesses the one will also gain access to the other, thereby undercutting the purpose of encryption.

Enlisting professionals

Addressing the issue of key management best practices, ComputerWorld's Stacy Collet recently argued that companies should consider enlisting professional key management service providers to help safeguard their encryted data. By using an enterprise-quality key management program that keeps the encryption keys in a completely different segment of its network, a company can significantly reduce the likelihood that access will fall into the wrong hands.

-McAfee Cloud Security