Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


 
 

When Encryption Gets in the Way of Data Availability

Posted by Jason Bloomberg on Dec 16, 2012

Encryption is our primary tool for providing data confidentiality, an essential requirement for many Cloud Computing applications. However, as I discussed in the previous blog post, encryption is not a perfect approach. But why stop there? Let's take another pot shot.

Data availability is not generally on the list of Cloud security concerns, but if your security gets in the way of your data availability, then you have a problem. The most obvious risk here is losing your private key. Perhaps a failed hard drive is the culprit, or more likely, a simple human error leads to the corruption or loss of your private key. Now all the data you used that key for are gone. You're still paying to store them in the Cloud, but for naught -- you may as well be storing so many rocks.

And what about your backups? A backup (cloud backup or otherwise) is only as good as your ability to restore your data from the backup. Anyone who has dug out that old backup tape to find it's unreadable knows that the most conscientious backup routine on the planet amounts to bupkus if you can't restore from backup.



So, what if you're backing up data in encrypted form in the Cloud? Many months later, say you must restore some day's backed up data. Only it's encrypted. With an older key. You religiously rotate your private keys (an information security best practice). So which key did you use last June 23rd? And where is it? If you can't find it, then bye-bye backup.

TAGS:

encryption, cloud backup


Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap