Enterprises Should Think Twice Before Using Their Cloud Provider’s Data-At-Rest Encryption
We live in a multi-cloud world. Managing data security across multiple public clouds can be challenging. There are three main reasons why enterprises should think twice before using data-at-rest encryption solution offered by their cloud provider.
If you envision moving from one cloud platform to another
If you are using data-at-rest encryption offered by your cloud provider and you are planning to switch your cloud platform, then you’ll have to first decrypt your data, find a way to secure it while it’s in transition and then re-encrypt it using data-at-rest encryption solution offered by the other cloud platform provider. However, decrypting data during the transition may violate business agreements and thereby increase legal exposure. Moreover, it’s better to transfer cipher bits across cloud platforms to eliminate any security risks to your data but that is only possible if the same encryption software is being used on both cloud platforms and you control your own encryption key.
If you’re using a hybrid compute environment
Data-at-rest encryption solution offered by a cloud provider is limited to their own cloud platform. Enterprises contemplating to encrypt their sensitive data stored within their data center as well as in the cloud should not make use of data-at-rest encryption offered by their cloud provider. Otherwise, they must use multiple encryption solutions to protect their data which can be an expensive undertaking.
If you have (or are planning to have) a multi-cloud compute environment
If an enterprise is making use of more than one cloud platform and their sensitive data resides within platforms controlled by different entities, then the enterprise must contend with either making use of data-at-rest encryption solutions offered by each provider or find a solution that works across multiple cloud platforms. Making using of different data-at-rest encryption solutions can become an operational nightmare which will result in additional expenses.
On the other hand, enterprises that make use of data-at-rest solution offered by an independent third party can use a single solution across their hybrid/multi-cloud environments. There is no need to learn/deploy/manage different data encryption solutions. The need for such neutral third party data encryption solutions is going to grow as customers encounter limitations of encryption solutions offered by leading cloud platform providers such as AWS, GCE, and Azure. Server General TDE is one such solution – it is easy to set-up, maintain, manage and administer data-at-rest encryption service for the sensitive information stored within a database server or a file server deployed on any public, private or a hybrid cloud.
Server General offers a range of services to enable organizations to comply with the GDPR. Contact us if you are looking for strategic advice in regards to data subject’s consent, data transfer across geographical boundaries and or data-at-rest encryption of personal data stored in a database server or a file server. You can either send an email to [email protected] or fill out the “Contact Us” form.