Cloud service adoption has rapidly increased since this blog was first posted in 2010. With that in mind, we thought we’d provide you with an update to better reflect the ever-increasing cloud storage security challenges faced by modern enterprises today, and how solutions like Nasuni overcome them.
To start, businesses have shifted from wondering whether they should take advantage of the cloud to planning how they are going to make it an integral part of their IT infrastructures. For all the advantages of storing data in the cloud, however, fundamental security concerns remain. First and foremost is that your data moves outside the well-established and carefully constructed security perimeter of your organization. That scares some businesses, as it seems to go against some of the basic tenets of good security. But a properly designed cloud-based storage solution can effectively extend the security perimeter of your office, ensuring that your data is always safe in transit and at rest.
If you are considering moving unstructured data to the cloud, here are the top five cloud storage security challenges your solution should address if you hope to keep your business data safe.
1. How Does the Solution Prevent Data Leakage?
The cloud is a multi-tenant environment, where resources are shared. It is also an outside party, with the potential to access a customer’s data. Sharing storage hardware and placing data in the hands of a vendor seems, intuitively, to be risky. In addition, safe harbor and privacy laws make control over your data essential. Whether it happens because of access by government agencies, a malicious hacker attack or even an accident, data leakage would be a major security or privacy violation. The best strategy is to assume from the start that the cloud vendor could be compromised, and send only encrypted files to the cloud. Use the strongest encryption that you can; anything less is not worthwhile. Don’t depend on the cloud provider or an intermediary to encrypt those files for you – then they’ll be able to decrypt them as well, and you’ll have to rely on trust. With the cloud, all data and metadata should be encrypted at the edge, before it leaves your premises. It does not matter that the clouds are managed by major, revered companies. They still should not be trusted. The only person to trust is yourself.
2. Will Your Organization Have Unique Cloud Credentials?
Access to a given pool of storage is based on credentials, and if you are lumped together with another set of customers and share the same credentials, there is a risk that one of them could obtain those credentials and access your data. They would not be able to decipher it, assuming it is encrypted, but they could delete the files. By securing your own unique credentials, however, your files will be walled off from other companies and their data. No one else will be able to log into your account and delete your files.
3. How Secure Will Your Data Be in Transit?
Without strong encryption and unique credentials, files can be vulnerable in the cloud, but there are also risks during data transmission. Strictly speaking, encrypted files do not need to be sent over a secure connection – this amounts to double encryption. But it is best to assume the worst and guard against any measure of snooping by only sending and retrieving data over a secure connection. This prevents anyone from seeing cloud metadata. Data and metadata should be completely opaque on the wire and in the cloud. Nothing – no filenames, timestamps – should be decipherable once it leaves your premises.
4. Who Holds the Crypto Keys?
This question has to be addressed properly because if you botch key management, there is a risk that users will not want to activate the cryptography, which then compromises security. Key management should be so simple that users are not even aware of it: Encryption should be automatic. There should be no way to turn it off. With no insecure mode, there is no chance of someone accidentally sending unencrypted, vulnerable data to the cloud. Keys should also be securely escrowed, and difficult to retrieve, so that no outside party can obtain that key to access your data.
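An added example, not Nasuni's code and not part of the original post: one way to seal a file at the edge so that its name, timestamp and exact size stay inside the ciphertext and no plaintext upload path exists, as sections 1, 3 and 4 call for. It uses AES-256-GCM from Node's built-in crypto module; the record layout, the 4096-byte padding bucket and the function names are assumptions made for illustration.

```javascript
const crypto = require("crypto");

const BUCKET = 4096; // assumed padding step: blob length reveals only a size bucket

// seal() is the only upload path; it throws rather than fall back to plaintext.
function seal(key, record) {
  if (!Buffer.isBuffer(key) || key.length !== 32) {
    throw new Error("AES-256 needs a 32-byte key; refusing to upload");
  }
  const json = Buffer.from(JSON.stringify({
    name: record.name,   // filename travels inside the ciphertext
    mtime: record.mtime, // so does the timestamp
    data: record.data.toString("base64"),
  }));
  // Pad with spaces (ignored by JSON.parse) up to the next bucket boundary.
  const plain = Buffer.alloc(Math.ceil(json.length / BUCKET) * BUCKET, " ");
  json.copy(plain);
  const objectName = crypto.randomBytes(16).toString("hex"); // random, not derived from the path
  const nonce = crypto.randomBytes(12); // fresh per object, never reused with a key
  const c = crypto.createCipheriv("aes-256-gcm", key, nonce, { authTagLength: 16 });
  c.setAAD(Buffer.from(objectName)); // bind the blob to its object name
  const body = Buffer.concat([c.update(plain), c.final()]);
  return { objectName, blob: Buffer.concat([nonce, c.getAuthTag(), body]) };
}

// open() throws if the blob was modified or is served under a different name.
function open(key, objectName, blob) {
  if (blob.length < 28) throw new Error("truncated blob");
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12), { authTagLength: 16 });
  d.setAAD(Buffer.from(objectName));
  d.setAuthTag(blob.subarray(12, 28));
  const plain = Buffer.concat([d.update(blob.subarray(28)), d.final()]);
  const r = JSON.parse(plain.toString());
  return { name: r.name, mtime: r.mtime, data: Buffer.from(r.data, "base64") };
}

// Constructed sample record and a throwaway key, for demonstration only.
const demoKey = crypto.randomBytes(32);
const sealed = seal(demoKey, {
  name: "finance/q3-forecast.xlsx", mtime: 1700000000, data: Buffer.from("constructed sample"),
});
console.log("provider sees:", sealed.objectName, sealed.blob.length, "bytes");
```

The provider stores only a random hex name and a blob whose length is a multiple of the bucket plus 28 bytes of nonce and tag; the mapping from real paths to object names has to be kept on premises or inside another sealed object.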
5. Will Performance Suffer?
A strong security strategy is a necessity, but it should not seriously impact performance. Encryption of data being sent to the cloud, and decryption of files called back from the cloud, should happen with little or no impact on the user experience. Ideally, it should all happen without the user noticing a thing.
Nasuni has addressed these challenges by adopting OpenPGP encryption, acquiring unique cloud credentials for each of its customers, and ensuring that all data is completely opaque on the wire and in the cloud. Using OpenPGP, the most widely vetted encryption standard in use today, Nasuni Edge Appliances encrypt all data and metadata before sending it to the cloud, and transmit all data over a secure connection. The appliance also encrypts filenames, file sizes, timestamps, and more. This way, both data and metadata are completely opaque. Our customers are the only parties with access to their encryption keys, and this encryption is automatic: each edge appliance can only send encrypted data to the cloud. Finally, by using the AES-256 cipher, Nasuni is able to encrypt and decrypt data quickly, ensuring that users enjoy strong security without sacrificing file server performance.
Regardless of whether Nasuni is right for your organization, you should keep the five challenges above in mind as you evaluate your cloud storage options. The cloud presents a tremendous opportunity for enterprise IT, but only if the security design of the system in question addresses these challenges. Download the Nasuni Security Model white paper to learn more about how we address these challenges.