Solving the Cloud Data Security Conundrum

Trusting the cloud involves a change in mindset. You must be ready to use runtime encryption in the cloud.

As we have seen in several major cybersecurity breaches, attackers will prey on a system's weakest points to harvest its data. An important source of vulnerability occurs at runtime, when data is in use. In response, enterprise developers must leverage runtime encryption technologies with effective key management to secure sensitive data — and this is especially true in the cloud/multicloud environment.


However, while runtime encryption solutions using hardware-aided security have been available for years, they were not available in the public cloud. But this is changing. [Editor's note: Fortanix is one of a number of companies that offer runtime encryption services.] Cloud service providers (CSPs) now offer hardware platforms that enable runtime encryption solutions to be deployed in the cloud. Innovative new solutions for key management, along with an end-to-end approach to encrypting and securing data when it's at rest, in transit, and in use, are critical, as are related functions required to make cloud runtime encryption viable.


Data Security: The Two-Thirds Solution

Traditionally, it has been possible to protect data by encrypting it at rest and in transit. This got organizations two-thirds of the way to complete data protection. At runtime, however, data pulsing through the CPU was exposed. Before today's increasing adoption of technologies such as Intel Software Guard Extensions (Intel SGX), runtime encryption was impractical. Comparable solutions, such as fully homomorphic encryption, have proved impractical for many of today's complex application use cases.


Requirements for Effective Runtime Data Encryption

New runtime encryption solutions fill the security void when data reaches the CPU by creating a trusted execution environment (TEE) within which sensitive applications and data are protected. TEEs enable general-purpose computation on enc ..
