The benefits of distributed cloud computing are accompanied by new responsibilities for ensuring data is securely maintained wherever it resides—on-premises or in the cloud. One reality of cloud computing is the number of different cloud providers the typical enterprise employs to support its application and data needs. A growing percentage of enterprises have a multicloud strategy. Many even report running applications on an average of 3.4 public and private clouds and experimenting with 1.5 more for a total of 4.9 clouds. Multicloud enterprises are the norm.
The growth of digital services provided by banks, card issuers and an increasing number of fintech startups that are redefining payment methods and convenience is accompanied by ever-greater vigilance regarding payment security. Hardly a week goes by without a news item mentioning a data breach that disrupts commerce, damages a business’s reputation and makes consumers less trusting of digital commerce.
Decades-old major retailers with significant investments in on-premises data centers typically take a cautious, gradual approach in making the transition. In most instances, the retailer opts for a hybrid cloud environment with data and applications distributed between its data center and a public or private cloud.
Encryption key management is the foundation for data security. However, the well-established methods of managing encryption keys using legacy hardware security modules (HSMs) are inadequate for the growing number of applications hosted in the cloud.
Cloud technologies play a significant role in facilitating the global distribution and interconnection that make financial services easy to access. The cloud lets a financial services firm quickly expand its coverage to a new geography, optimize processing and data management for that location and remotely monitor performance without the need for significant capital investment.
The Internet of Things (IoT) is a network of physical objects, such as smart appliances, car navigators, drones, etc., that can communicate, interact and exchange data over the internet. One of the earliest examples of the IoT was a connected Coca-Cola machine on the Carnegie Mellon University campus in the early 1980s. Local programmers were able to connect to the machine over the internet to see if a cold drink was available before making the trip
Data encryption is the bedrock of cybersecurity. Encrypted data remains worthless ciphertext without access to encryption keys; hardware security modules (HSMs) are a well-established means for securing those keys in on-premises data centers. Data security teams are well-versed in the process of purchasing, provisioning and managing those HSMs.
When we talk to companies around the world, a common topic of discussion is the transformational nature of cloud technologies. In a very short time, the cloud has disrupted every aspect of how IT infrastructure, resources and software are deployed and managed. While there’s near-universal agreement on the economic benefits of this, it’s not all good news: in these discussions, the conversation invariably turns toward the growing challenges of cloud security management, in particular the management of the encryption keys that are fundamental to cloud security.
The cloud strategy you adopt—private, hybrid, public or multicloud—is a key factor in the decision as to which encryption key management strategy will work best for your enterprise. For best results, your key strategy should fit your long-term cloud strategy and should be applied consistently across your enterprise.
The best approach to delivering each of the aforementioned capabilities is an HSM as a Service (HSMaaS) solution. It leverages the established strengths of the cloud—wide availability, service on demand and scalability—to make encryption keys easy to implement and manage.