As organizations migrate workloads to the cloud in search of greater agility, innovation and reduced costs, they face serious security challenges that conventional key encryption technology fails to meet.
The range of security threats covers everything from the hijacking of cloud services to the criminal use of AI and ML and the emergence of cyber-espionage-for-hire. Ransomware and phishing attacks have increased as more enterprises adopt cloud applications.
The pandemic has accelerated this migration of data to the public and private clouds. A report from Deloitte1 highlights how investment in cloud infrastructure increased through 2020 with the scale of mergers and acquisitions indicating significant expectations of further growth. Much of this pandemic migration was on consumer-grade connectivity, however, as millions of employees worked from home, adding to the security vulnerabilities.
The hybrid use of a combination of public, private cloud and on-premises provision is increasingly what works best for organizations, but in the absence of effective security it increases the potential attack surface for cybercriminals. The typical enterprise may now use as many as 1,200 different clouds including commonplace applications or systems such Microsoft Exchange or Salesforce. Using a mix of environments for data and applications allows enterprises to spread the workload and risk, theoretically avoid vendor lock-in and achieve the maximum possible levels of resilience and security while optimizing workflows. It is why analysts IDC estimate more than 90 percent of enterprises worldwide will be relying on the hybrid approach to meet their infrastructure needs by the end of next year (2022).
Combined with the imposition of stricter regulations such as the EU’s GDPR, these developments make control of encryption keys used to protect data more important than ever. For those with heavy investments in on-premises infrastructure, hardware security modules (HSMs), or apps partially in the cloud, the inability to secure and manage the cryptographic keys that protect their data across a multitude of scenarios has the potential to bring their organizations to an extremely costly standstill.
The problem is that each cloud deployment requires a different key because the cloud providers use discrete systems and technologies to protect data. Refactoring to create these keys takes time and knowledge of the provider’s technology.
The creation and management of keys is a huge burden for IT managers, especially when hardware remains intact. Security is potentially compromised when organizations are unable to manage keys across disparate sites because of dependencies on the applications they are looking to authenticate, each having been written to specific cloud requirements. Developers and solution architects take on the biggest migration risk, because the painstaking work that it took to develop an application once, may now have to be repeatedly refactored to ensure that keys work anywhere in the cloud, at any time.
For key management, organizations may feel they can rely on the solutions provided by the major cloud service providers (CSPs), who have made encryption simple to activate. It is just so much easier. There is a big problem with this, however, because having the keys held by the same entity that holds the data is contrary to any notion of best practice. Besides the obvious vulnerability that comes from cybercriminals penetrating the CSP’s security to gain access to its customers’ data, there the risk of CSPs having to comply with government warrants for disclosure.
It is also far harder to achieve consistency of data governance across an organization’s entire and varied infrastructure – including on-premises hardware – when keys are managed by the cloud provider. The way CSPs’ solutions deliver a segmented picture of the key logs and usage reports makes it impossible for enterprises to manage their entire range of keys in one place with full visibility across all sites. Time to market for new and existing applications also suffers as they require keys to ensure the requisite security policies are met in each case.
The way out of this tangle is through a cloud-agnostic solution that provides keys that protect data across all environments. This is an approach that does not require refactoring with every deployment. Every claim for cloud-agnosticism should be rigorously challenged, however, to ensure solutions will do what their creators claim.
Avoiding inadequate solutions
The surest way to avoid an inadequate solution and to guarantee cloud-agnosticism is through the adoption of a third-party platform that overrides the complexity of refactoring. The solution should enable enterprises to write their own keys and to control them, setting policy in relation to usage. This needs to be through a separate, one-stop platform, using advanced technology such as multi-party computation (MPC). MPC splits a secret key into two or more pieces and places them on different servers and devices. Because all the pieces are required to get any information about the key, but are never assembled, hackers must breach all the servers and devices. Strong separation between these devices (different administrator credentials, environments, and so on), provides a very high level of key protection.
Adopting MPC third-party key management gives enterprises using hybrid cloud or multi-cloud infrastructures the single-pane-of-glass visibility that is essential for security and surveillance, providing information about all keys and digital assets, how they are stored, who is using them and how they are programmed.
This gives control that complies with various data protection and data privacy regulations such as GDPR. A good example that illustrates this is data-shredding, where an organization uploads highly sensitive data to the cloud and is obliged to delete it after a certain time. How can the organization ensure the data was eliminated from all instances, backups, servers in all relevant regions? This may be a difficult undertaking but holding the master encryption key separately from the cloud makes it much easier. Delete the master key, and the encrypted data in the cloud is instantly shredded and cannot be recovered.
Neither is it possible for a rogue user to get round policy governing data access, even if they work for a CSP. In other words, the adoption of a third-party cryptographic key platform founded on MPC technology removes much of the risk that currently accompanies the mass migration to the cloud at enterprise level.
This is the one way organizations can be certain to deliver greater responsiveness, innovation and efficiency from increased cloud adoption and the use of hybrid environments without any compromise of security.
Michael Hughes, Chief Business Officer, Unbound Security