The Problems with Encrypting Data in the Cloud

The Problems with Encrypting Data in the Cloud

Cloud security is gaining a renewed focus, now that Apple founder Steve Wozniak has issued a stern warning about Cloud security risks. In response, numerous vendors have lined up to say that if you’re concerned about the security of your data in the Cloud, the simple solution is to encrypt them. In fact, there’s a new crop of Cloud gateways — appliances that go in your corporate DMZ and encrypt all traffic to the cloud, decrypting it on the way back. So, you can encrypt all your data in the Cloud with nobody being the wiser. What could be simpler?

There remain two central problems with encryption in the Cloud. The first is key management. It is absolutely essential that you maintain your private keys on premise, because all a hacker needs to do if you put your private key in the Cloud is steal it — since you can’t encrypt your private key. The good news here is that there’s no requirement that you put your private keys in the Cloud or use your Cloud provider’s private key. But relying upon your Cloud provider to manage a private key for you is like locking your valuables in a hotel room. They are as secure as the maids are honest.

But even if you maintain your private keys on premise, there’s still a problem with encrypting all your data in the Cloud: you can’t do anything with them (other than store them and move them around) as long as they’re encrypted. If you want to get any value from those data, you must either decrypt them in the Cloud or pull them back to your on-premise environment for processing. (There are technologies for working with encrypted data while they’re still encrypted, but those approaches aren’t ready for prime time yet).

If all you want to use the Cloud for is to store your data, then this limitation isn’t a problem for you. But sometimes you’re required to actually do something with your data. For example, HIPAA healthcare regulations allow for putting data in the Cloud as long as they’re secure. But the regulation also requires making the data available for statistical analysis (say, for nipping epidemics in the bud). But there’s no practical way to perform such analysis in the Cloud without decrypting the data first.

The Cloud’s security failings may be overblown, and on-premise environments and Private Clouds have their own security issues as well, but it’s important to understand just what security the Cloud does — and more importantly, does not — offer. Do I agree with the Woz? More or less, but even more important: I believe it was a good thing he expressed this opinion, if only to solicit defensive responses from Cloud security vendors.

devx-admin

devx-admin

Share the Post:
Urban Gardening

Creating Thriving Cities Through Urban Gardening

Grace Phillips September 25, 2023

The rising popularity of urban gardening is receiving increased recognition for its numerous advantages, as demonstrated in a recent study featured in the Environmental Research

Romanian Energy Security

Eastern Europe is Achieving Energy Security

Jordan Williams September 25, 2023

Canada and Romania have solidified their commitment to energy security and independence from Russian energy exports by signing a $3-billion export development agreement. The deal

Seamless Integration

Unlocking Seamless Smart Home Integration

Noah Nguyen September 25, 2023

The vision of an intelligently organized and interconnected smart home that conserves time, energy, and resources has long been desired by many homeowners. However, this

New Algorithm

MicroAlgo’s Groundbreaking Algorithm

Johannah Lopez September 25, 2023

MicroAlgo Inc. has revealed the creation of a knowledge-augmented backtracking search algorithm, developed through extensive research in evolutionary computational techniques. The algorithm is designed to

Urban Gardening

Creating Thriving Cities Through Urban Gardening

Grace Phillips September 25, 2023

The rising popularity of urban gardening is receiving increased recognition for its numerous advantages, as demonstrated in a recent study featured in the Environmental Research Letters journal. Carried out by

What You Need to Know About Cloud Security Strategies

What You Need to Know About Cloud Security Strategies

DevX Editor September 25, 2023

Today, many businesses are adopting cloud computing services. As a result, it’s important to recognize that security measures for data in the cloud are different from those in traditional on-premises

Romanian Energy Security

Eastern Europe is Achieving Energy Security

Jordan Williams September 25, 2023

Canada and Romania have solidified their commitment to energy security and independence from Russian energy exports by signing a $3-billion export development agreement. The deal is centered on constructing two

Seamless Integration

Unlocking Seamless Smart Home Integration

Noah Nguyen September 25, 2023

The vision of an intelligently organized and interconnected smart home that conserves time, energy, and resources has long been desired by many homeowners. However, this aspiration has often been hindered

New Algorithm

MicroAlgo’s Groundbreaking Algorithm

Johannah Lopez September 25, 2023

MicroAlgo Inc. has revealed the creation of a knowledge-augmented backtracking search algorithm, developed through extensive research in evolutionary computational techniques. The algorithm is designed to boost problem-solving effectiveness, precision, and

Poland Energy Future

Westinghouse Builds Polish Power Plant

Lila Anderson September 22, 2023

Westinghouse Electric Company and Bechtel have come together to establish a formal partnership in order to design and construct Poland’s inaugural nuclear power plant at the Lubiatowo-Kopalino site in Pomerania.

EV Labor Market

EV Industry Hurting For Skilled Labor

Jordan Williams September 22, 2023

The United Auto Workers strike has highlighted the anticipated change towards a future dominated by electric vehicles (EVs), a shift which numerous people think will result in job losses. However,

Soaring EV Quotas

Soaring EV Quotas Spark Battle Against Time

Noah Nguyen September 22, 2023

Automakers are still expected to meet stringent electric vehicle (EV) sales quotas, despite the delayed ban on new petrol and diesel cars. Starting January 2023, more than one-fifth of automobiles

Affordable Electric Revolution

Tesla Rivals Make Bold Moves

Grace Phillips September 22, 2023

Tesla, a name synonymous with EVs, has consistently been at the forefront of the automotive industry’s electric revolution. The products that Elon Musk has developed are at the forefront because

Sunsets' Technique

Inside the Climate Battle: Make Sunsets’ Technique

Lila Anderson September 22, 2023

On February 12, 2023, Luke Iseman and Andrew Song from the solar geoengineering firm Make Sunsets showcased their technique for injecting sulfur dioxide (SO₂) into the stratosphere as a means

AI Adherence Prediction

AI Algorithm Predicts Treatment Adherence

Jordan Williams September 22, 2023

Swoop, a prominent consumer health data company, has unveiled a cutting-edge algorithm capable of predicting adherence to treatment in people with Multiple Sclerosis (MS) and other health conditions. Utilizing artificial

Personalized UX

Here’s Why You Need to Use JavaScript and Cookies

Noah Nguyen September 22, 2023

In today’s increasingly digital world, websites often rely on JavaScript and cookies to provide users with a more seamless and personalized browsing experience. These key components allow websites to display

Geoengineering Methods

Scientists Dimming the Sun: It’s a Good Thing

Johannah Lopez September 22, 2023

Scientists at the University of Bern have been exploring geoengineering methods that could potentially slow down the melting of the West Antarctic ice sheet by reducing sunlight exposure. Among these

why startups succeed

The Top Reasons Why Startups Succeed

Macauley Keevins September 22, 2023

Everyone hears the stories. Apple was started in a garage. Musk slept in a rented office space while he was creating PayPal with his brother. Facebook was coded by a

Bold Evolution

Intel’s Bold Comeback

Grace Phillips September 21, 2023

Intel, a leading figure in the semiconductor industry, has underperformed in the stock market over the past five years, with shares dropping by 4% as opposed to the 176% return

Semiconductor market

Semiconductor Slump: Rebound on the Horizon

Jordan Williams September 21, 2023

In recent years, the semiconductor sector has faced a slump due to decreasing PC and smartphone sales, especially in 2022 and 2023. Nonetheless, as 2024 approaches, the industry seems to

Elevated Content Deals

Elevate Your Content Creation with Amazing Deals

Noah Nguyen September 21, 2023

The latest Tech Deals cater to creators of different levels and budgets, featuring a variety of computer accessories and tools designed specifically for content creation. Enhance your technological setup with

Learn Web Security

An Easy Way to Learn Web Security

Johannah Lopez September 21, 2023

The Web Security Academy has recently introduced new educational courses designed to offer a comprehensible and straightforward journey through the intricate realm of web security. These carefully designed learning courses

Military Drones Revolution

Military Drones: New Mobile Command Centers

Johannah Lopez September 21, 2023

The Air Force Special Operations Command (AFSOC) is currently working on a pioneering project that aims to transform MQ-9 Reaper drones into mobile command centers to better manage smaller unmanned

Tech Partnership

US and Vietnam: The Next Tech Leaders?

Grace Phillips September 21, 2023

The US and Vietnam have entered into a series of multi-billion-dollar business deals, marking a significant leap forward in their cooperation in vital sectors like artificial intelligence (AI), semiconductors, and

Huge Savings

Score Massive Savings on Portable Gaming

Lila Anderson September 21, 2023

This week in tech bargains, a well-known firm has considerably reduced the price of its portable gaming device, cutting costs by as much as 20 percent, which matches the lowest

Cloudfare Protection

Unbreakable: Cloudflare One Data Protection Suite

Jordan Williams September 21, 2023

Recently, Cloudflare introduced its One Data Protection Suite, an extensive collection of sophisticated security tools designed to protect data in various environments, including web, private, and SaaS applications. The suite

Drone Revolution

Cool Drone Tech Unveiled at London Event

Noah Nguyen September 21, 2023

At the DSEI defense event in London, Israeli defense firms exhibited cutting-edge drone technology featuring vertical-takeoff-and-landing (VTOL) abilities while launching two innovative systems that have already been acquired by clients.

Show More