The benefits of distributed cloud computing are accompanied by new responsibilities for ensuring data is securely maintained wherever it resides—on-premises or in the cloud. One reality of cloud computing is the number of different cloud providers the typical enterprise employs to support its application and data needs. A growing percentage of enterprises have a multicloud strategy. Many even report running applications on an average of 3.4 public and private clouds and experimenting with 1.5 more for a total of 4.9 clouds. Multicloud enterprises are the norm.
Decades-old major retailers with significant investments in on-premises data centers typically take a cautious, gradual approach in making the transition. In most instances, the retailer opts for a hybrid cloud environment with data and applications distributed between its data center and a public or private cloud.
Based on Equinix’s experience in providing encryption and connectivity services for globally distributed enterprises, we share three best practices—cloud-neutral encryption key management services, private connections and partner ecosystems—for securely managing content and media data/assets.
Imagine knowing everything about a customer before they come through the door – name, preferences and interests, buying history, who they are connected to, where they live, and more. That kind of intelligence makes it easy to strike up a conversation with the customer and make the right recommendations that can lead to sales. The more you know, the more chances you have to win.
Data encryption is the bedrock of cybersecurity. Encrypted data remains worthless ciphertext without access to encryption keys; hardware security modules (HSMs) are a well-established means of securing those keys in on-premises data centers. Data security teams are well-versed in the process of purchasing, provisioning and managing those HSMs.
Whether it resides on disks or in computer memory, or is transferred by wire or wireless, data increasingly drives global economies. Try going a day without internet access. How isolated do you feel when you’re out of cell-tower range? Your day is driven by data, and the value of data is defined by its context and usage.
AWS CloudHSM is designed for organizations that formerly used HSMs to manage encryption keys in their own data centers and would like to continue in the same vein by using HSMs provided and maintained by AWS. With CloudHSM, HSMs purchased, provisioned and managed by an organization within their own data centers are replaced by HSMs purchased, provisioned and managed by Amazon.
The cloud strategy you adopt—private, hybrid, public or multicloud—is a key factor in the decision as to which encryption key management strategy will work best for your enterprise. For best results, your key strategy should fit your long-term cloud strategy and should be applied consistently across your enterprise.
Guarding against data breaches becomes even more challenging as organizations move data and applications from the security of their on-premises IT infrastructure to the cloud, where the responsibility for protecting data is shared with the cloud provider. Because encryption keys play a vital role in this scenario by shielding data from potential breaches, the approach to encryption key management requires careful evaluation.
We’re immersed in the world of security this week at the RSA Conference 2018 in San Francisco. There’s no question that the recent flood of news regarding corporate data security breaches and the need for significantly better policies to protect personal information are just a couple of the reasons why this event could not be more timely and relevant.