In the Cloud, Encryption in Motion + Encryption at Rest = Not Good Enough

In the Cloud, Encryption in Motion + Encryption at Rest = Not Good Enough

Can you use SSL to secure interactions with the Cloud? The answer: in part. Remember, the original intent for SSL (Secure Sockets Layer, now known as Transport Layer Security, or TLS) was to secure interactions between browsers and Web servers, and to this day it still offers only point-to-point, channel encryption. If you want a message to traverse any kind of intermediary, or if you want to secure only part of a message, then SSL falls short. And of course, SSL can only secure messages in motion. It doesn’t help at all with securing data at rest.

To secure data at rest, you need an alternative approach to encryption. The brute force approach is to encrypt all data before you upload it to the Cloud. That way you can keep your private keys on premise (an important best practice), and you can rest assured that hackers will have a very hard time cracking any of your confidential information in the Cloud, no matter where the Cloud provider puts it.

The problem with the brute force approach is that you can’t do much with your information when it’s in an encrypted form. You can store it and move it around, but you can’t process it in the Cloud without decrypting it there, which creates an obvious opportunity for hackers. As a result, many organizations require a more subtle approach than brute force encryption.

An alternative approach that’s gaining increasing traction in the Cloud marketplace is the use of encrypted volumes. In essence, the entire virtual drive is encrypted, so any files you store on it are automatically encrypted. Will an encrypted volume solve your data-at-rest confidentiality problem?

Not so fast. With today’s encrypted volume technology, all you need is a single username/password or private key to unlock the drive. And once someone has unlocked it, they have access to all the data on the drive. No fine-grained access control or entitlements. Bottom line: sometimes you can secure your data in motion with SSL and your data at rest with encrypted volumes in the Cloud, but even when you combine both approaches, you still have holes a hacker can drive a truck through. Be warned!

devx-admin

devx-admin

Share the Post:
AI Girlfriend Craze

AI Girlfriend Craze Threatens Relationships

Grace Phillips September 27, 2023

The surge in virtual AI girlfriends’ popularity is playing a role in the escalating issue of loneliness among young males, and this could have serious

AIOps Innovations

Senser is Changing AIOps

Lila Anderson September 27, 2023

Senser, an AIOps platform based in Tel Aviv, has introduced its groundbreaking AI-powered observability solution to support developers and operations teams in promptly pinpointing the

Malyasian Networks

Malaysia’s Dual 5G Network Growth

Jordan Williams September 27, 2023

On Wednesday, Malaysia’s Prime Minister Anwar Ibrahim announced the country’s plan to implement a dual 5G network strategy. This move is designed to achieve a

Advanced Drones Race

Pentagon’s Bold Race for Advanced Drones

Johannah Lopez September 27, 2023

The Pentagon has recently unveiled its ambitious strategy to acquire thousands of sophisticated drones within the next two years. This decision comes in response to

Important Updates

You Need to See the New Microsoft Updates

Johannah Lopez September 27, 2023

Microsoft has recently announced a series of new features and updates across their applications, including Outlook, Microsoft Teams, and SharePoint. These new developments are centered

AI Girlfriend Craze

AI Girlfriend Craze Threatens Relationships

Grace Phillips September 27, 2023

The surge in virtual AI girlfriends’ popularity is playing a role in the escalating issue of loneliness among young males, and this could have serious repercussions for America’s future. A

AIOps Innovations

Senser is Changing AIOps

Lila Anderson September 27, 2023

Senser, an AIOps platform based in Tel Aviv, has introduced its groundbreaking AI-powered observability solution to support developers and operations teams in promptly pinpointing the root causes of service disruptions

Bebop Charging Stations

Check Out The New Bebob Battery Charging Stations

Noah Nguyen September 27, 2023

Bebob has introduced new 4- and 8-channel battery charging stations primarily aimed at rental companies, providing a convenient solution for clients with a large quantity of batteries. These wall-mountable and

Malyasian Networks

Malaysia’s Dual 5G Network Growth

Jordan Williams September 27, 2023

On Wednesday, Malaysia’s Prime Minister Anwar Ibrahim announced the country’s plan to implement a dual 5G network strategy. This move is designed to achieve a more equitable incorporation of both

Advanced Drones Race

Pentagon’s Bold Race for Advanced Drones

Johannah Lopez September 27, 2023

The Pentagon has recently unveiled its ambitious strategy to acquire thousands of sophisticated drones within the next two years. This decision comes in response to Russia’s rapid utilization of airborne

Important Updates

You Need to See the New Microsoft Updates

Johannah Lopez September 27, 2023

Microsoft has recently announced a series of new features and updates across their applications, including Outlook, Microsoft Teams, and SharePoint. These new developments are centered around improving user experience, streamlining

Price Wars

Inside Hyundai and Kia’s Price Wars

Grace Phillips September 27, 2023

South Korean automakers Hyundai and Kia are cutting the prices on a number of their electric vehicles (EVs) in response to growing price competition within the South Korean market. Many

Solar Frenzy Surprises

Solar Subsidy in Germany Causes Frenzy

Lila Anderson September 27, 2023

In a shocking turn of events, the German national KfW bank was forced to discontinue its home solar power subsidy program for charging electric vehicles (EVs) after just one day,

Electric Spare

Electric Cars Ditch Spare Tires for Efficiency

Jordan Williams September 27, 2023

Ira Newlander from West Los Angeles is thinking about trading in his old Ford Explorer for a contemporary hybrid or electric vehicle. However, he has observed that the majority of

Solar Geoengineering Impacts

Unraveling Solar Geoengineering’s Hidden Impacts

Noah Nguyen September 27, 2023

As we continue to face the repercussions of climate change, scientists and experts seek innovative ways to mitigate its impacts. Solar geoengineering (SG), a technique involving the distribution of aerosols

Razer Discount

Unbelievable Razer Blade 17 Discount

Grace Phillips September 26, 2023

On September 24, 2023, it was reported that Razer, a popular brand in the premium gaming laptop industry, is offering an exceptional deal on their Razer Blade 17 model. Typically

Innovation Ignition

New Fintech Innovation Ignites Change

Lila Anderson September 26, 2023

The fintech sector continues to attract substantial interest, as demonstrated by a dedicated fintech stage at a recent event featuring panel discussions and informal conversations with industry professionals. The gathering,

Import Easing

Easing Import Rules for Big Tech

Jordan Williams September 26, 2023

India has chosen to ease its proposed restrictions on imports of laptops, tablets, and other IT hardware, allowing manufacturers like Apple Inc., HP Inc., and Dell Technologies Inc. more time

Semiconductor Stock Plummet

Dramatic Downturn in Semiconductor Stocks Looms

Noah Nguyen September 26, 2023

Recent events show that the S&P Semiconductors Select Industry Index seems to be experiencing a downturn, which could result in a decline in semiconductor stocks. Known as a key indicator

Anthropic Investment

Amazon’s Bold Anthropic Investment

Johannah Lopez September 26, 2023

On Monday, Amazon announced its plan to invest up to $4 billion in the AI firm Anthropic, acquiring a minority stake in the process. This decision demonstrates Amazon’s commitment to

AI Experts Get Hired

Tech Industry Rehiring Wave: AI Experts Wanted

Grace Phillips September 26, 2023

A few months ago, Big Tech companies were downsizing their workforce, but currently, many are considering rehiring some of these employees, especially in popular fields such as artificial intelligence. The

Lagos Migration

Middle-Class Migration: Undermining Democracy?

Lila Anderson September 26, 2023

As the middle class in Lagos, Nigeria, increasingly migrates to private communities, a PhD scholar from a leading technology institute has been investigating the impact of this development on democratic

AI Software Development

ChatGPT is Now Making Video Games

Johannah Lopez September 26, 2023

Pietro Schirano’s foray into using ChatGPT, an AI tool for programming, has opened up new vistas in game and software development. As design lead at business finance firm Brex, Schirano

Llama Codebot

Developers! Here’s Your Chatbot

Jordan Williams September 26, 2023

Meta Platforms has recently unveiled Code Llama, a free chatbot designed to aid developers in crafting coding scripts. This large language model (LLM), developed using Meta’s Llama 2 model, serves

Tech Layoffs

Unraveling the Tech Sector’s Historic Job Losses

Noah Nguyen September 26, 2023

Throughout 2023, the tech sector has experienced a record-breaking number of job losses, impacting tens of thousands of workers across various companies, including well-established corporations and emerging startups in areas

Chinese 5G Limitation

Germany Considers Limiting Chinese 5G Tech

Grace Phillips September 25, 2023

A recent report has put forth the possibility that Germany’s Federal Ministry of the Interior and Community may consider limiting the use of Chinese 5G technology by local network providers

Modern Warfare

The Barak Tank is Transforming Modern Warfare

Lila Anderson September 25, 2023

The Barak tank is a groundbreaking addition to the Israeli Defense Forces’ arsenal, significantly enhancing their combat capabilities. This AI-powered military vehicle is expected to transform the way modern warfare

AI Cheating Growth

AI Plagiarism Challenges Shake Academic Integrity

Jordan Williams September 25, 2023

As generative AI technologies like ChatGPT become increasingly prevalent among students and raise concerns about widespread cheating, prominent universities have halted their use of AI detection software, such as Turnitin’s

Show More