{"id":4743,"date":"2021-09-07T17:19:49","date_gmt":"2021-09-07T09:19:49","guid":{"rendered":"https:\/\/www.progreso.com.sg\/newsite\/?post_type=all_news&p=4743"},"modified":"2021-09-07T17:36:38","modified_gmt":"2021-09-07T09:36:38","slug":"encryption-key-management","status":"publish","type":"all_news","link":"https:\/\/www.progreso.com.sg\/newsite\/all_news\/encryption-key-management\/","title":{"rendered":"Blog: Best Practices For Encryption Key Management When Storing Data in the Cloud"},"content":{"rendered":"\t\t
\n\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

The proliferation of cloud-based services has radically simplified day-to-day data management and decreased overhead costs for many businesses. It is currently estimated that\u00a0more than 60% of organizations<\/a>\u00a0have moved to cloud-based data systems, with many using the cloud to store sensitive information. At the same time however, cloud technology has brought with it a number of new business risks. In the increasingly predatory world of cloud-stored data, following best practices for encryption\u00a0key management<\/a>\u00a0can help you achieve the maximum level of protection possible. These three best practices for encryption key management can set your cloud-based company on the path to optimum data security and keep your information from falling into the wrong hands.<\/p>\n

1. Don\u2019t Store Your Lock and Key Together<\/b><\/p>\n

Obviously, you want your data to be under lock and key \u2013 like locking the door to your house to protect your valuables. Handing over your data management to cloud services is often the most stress-free route to take. But when companies move their data to cloud-based management systems, they may be giving the cloud provider access to their key, meaning the lock and key are stored closer together than necessary. This is like leaving your house key under the mat in front of your door; there will be fewer barriers in the way to stop someone intent on robbing you. In regards to this issue, the\u00a0Cloud Security Alliance recommends separation of the lock and key, as well as back up of encryption keys in offline and secured locations.\u00a0<\/a><\/p>\n

StorMagic SvKMS<\/a>\u00a0enables you to manage and bring your own keys (known as\u00a0BYOK<\/a>) to cloud and SaaS-based encryption services. Amongst a number of benefits, this allows users to retain control over the de-encryption of data and provide a full audit trail of key lifecycle activity. It also allows users to disable keys to protect their encrypted data from breaches and from third-party service providers, if necessary.<\/p>\n

2. Centralize Your Key Management Infrastructure<\/b><\/p>\n

With the growth of cloud services, companies are using dozens of SaaS platforms, as well as many more micro and sub services via their cloud providers. Organizations may be using multiple key management servers and protocols across these different services and platforms. And, at the same time these cloud services are operating, local applications are running in their data centers. Under these circumstances, the multiple key management servers will likely have varied levels of security and conformity to industry standards. This complicates data infrastructure, increasing cost and risk while decreasing efficiency.<\/p>\n

The development of\u00a0KMIP<\/a>\u00a0as a standard for data management makes this complex infrastructure simply unnecessary. KMIP and centralized key management infrastructure are built into the DNA of SvKMS. StorMagic recognizes the need for seamless protection of keys, secrets and credentials across multiple applications and use cases, both on-premise and in the cloud. In many cases, the combination of SvKMS with various KMIP enabled platforms already in your infrastructure, such as in VMware, Hyper-V or numerous storage arrays, presents an opportunity to activate native encryption features with almost no effort, thus increasing your security posture significantly in a short time.<\/p>\n

3. Be Compliant and Proactive in Handling Sensitive Data<\/b><\/p>\n

As the \u201cwild, wild west\u201d days of the internet are being left behind, major industries such as healthcare, financial services and medical\/biotechnology are being compelled to encrypt their sensitive data, to meet nationwide \/ global regulations and guidelines.\u00a0The EU passed a policy<\/a>\u00a0dealing with the encryption of personal data for all companies operating within its borders. Failure to conform to such regulations can lead to severe fines and other penalties. But even industries that aren\u2019t compelled by regulators to follow encryption guidelines need to be proactive for purely business reasons. Data breaches can lead to reputational fallout, legal action and loss of sensitive or proprietary data, belonging to the business. Ultimately, in both regulated and unregulated industries, being vigilant about following legal or industry standards is important to the bottom line.<\/p>\n

As a full-featured key management lifecycle platform, StorMagic SvKMS can help\u00a0meet complex legal requirements across a wide variety of regulations<\/a>,\u00a0not only in cloud but also on-premise and hybrid services, including:<\/p>\n