BLOG: Data privacy and PRISM: When politics and technology collide

Steve Pate | July 2, 2013
Given the rise of privacy issues, companies might think twice about moving mission-critical applications to the cloud for a period of time, but the siren call of Infrastructure as a Service (IaaS) will continue to lure business to the cloud.

The world is definitely getting smaller, and though you may try to run, it may be better to hide.

The importance of encryption
I've said it before. I'll say it again. If you have data you don't want other people to read, encrypt it, and make sure that you control the keys.

Encryption in the cloud is more challenging, as you don't typically have control over the infrastructure. Further, if the government is capturing data from within a CSP's network, then it matters significantly where you deploy your encryption. If you're encrypting across the wire, but data is in the clear once it arrives at the CSP, that doesn't give you any protection.

If you are running virtual machines in the cloud (IaaS), you can use technology that encrypts data from within the OS of each virtual machine, ensuring that data is protected as it traverses the hypervisor and continues on to storage. This can reduce access to data in a significant number of cases.

Virtualized environments have distinct differences from their physical server brethren. For instance, if you suspend a VM, a file is created that can contain sensitive data, depending on what was running when it was stopped. In a physical server, this is the data that would have been in memory. In a VM, it's now searchable and accessible, unless you encrypt it.

By doing this, you can at least be sure that if your CSP happens to turn your data over — either intentionally or inadvertently (say, for instance, your data was stored on the same disk or other storage media as a company that was being investigated) — YOU get to make the decision about whether to give the government access to your data ... and for the moment, you can breathe.
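
To check whether suspended-VM state files like those described above are actually encrypted on disk, a per-chunk entropy audit is one option. This is an added example, not code from the original post; the VMware-style suffixes, the 7.5 bits/byte floor and the file names in `demo()` are assumptions.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Assumption: VMware-style suffixes for suspend, memory and snapshot state files.
STATE_SUFFIXES = {".vmss", ".vmem", ".vmsn"}
CHUNK = 64 * 1024      # bytes examined per chunk
MIN_CHUNK = 4096       # a shorter tail is skipped: too few bytes to estimate entropy
ENTROPY_FLOOR = 7.5    # bits/byte; encrypted data sits close to 8.0

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def low_entropy_fraction(path: Path) -> float:
    """Fraction of chunks whose entropy falls below ENTROPY_FLOOR."""
    low = total = 0
    with path.open("rb") as fh:
        while chunk := fh.read(CHUNK):
            if len(chunk) < MIN_CHUNK:
                continue
            total += 1
            low += shannon_entropy(chunk) < ENTROPY_FLOOR
    return low / total if total else 0.0

def audit(vm_dir: Path, tolerance: float = 0.05) -> dict:
    """Map each VM state file name to True if it looks unencrypted."""
    # tolerance allows for a small plaintext header in an otherwise encrypted file
    return {
        p.name: low_entropy_fraction(p) > tolerance
        for p in sorted(vm_dir.rglob("*"))
        if p.is_file() and p.suffix.lower() in STATE_SUFFIXES
    }

def demo() -> dict:
    """Constructed sample: one plaintext-like state file, one ciphertext-like."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "app01.vmss").write_bytes(b"user=alice;session=example\x00" * 20000)
        (root / "app02.vmss").write_bytes(os.urandom(512 * 1024))
        (root / "notes.txt").write_bytes(b"not a VM state file")
        return audit(root)

if __name__ == "__main__":
    for name, flagged in demo().items():
        print(f"{name}: {'looks unencrypted' if flagged else 'high entropy'}")
```

High entropy is a necessary sign of encryption, not proof of it, since compressed data scores the same; a flagged file, however, almost certainly holds readable memory contents.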
