How can cloud providers offer sensitive data protection?

How can cloud providers offer sensitive data protection in a cloud environment? Is there a way to ensure that highly sensitive data, such as Social Security numbers, will be safe in the cloud?

Download this free guide

Optical Network Design and Transport 101

Gain best practices for optical network design – including access, metro and core network issues affecting fiber deployment – as well as 3-part overview of DWDM optical network transport.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Not all data is suitable to be, or should be, stored in the cloud. Risk assessment and analysis is also required. In my opinion, the stakes are too high for sensitive data to reside in the cloud, even if the data is encrypted. One exception is when a private cloud is being used on a customer's premises.

Security, privacy and compliance become shared contractual responsibility between the cloud provider and the customer, but, ultimately, it is the customer that is liable. Like warranties, a cloud provider's liabilities are limited. It's important to remember that once sensitive data is placed in the cloud, the organization no longer has full control.

Various schematics and techniques can be used to minimize the risk of unauthorized access and sharing, but it is well accepted that 80% of data theft and fraud occur internally -- so why should this be any different in a cloud provider's organization? In reality, it may not be that high, depending upon the customer's deployment and extent of control.

Increasing numbers of cybercriminals will shift their attack target to cloud providers since the payload of sensitive data is huge from multi-organizations. Once a hacker manages to penetrate the parameter of the provider, all organizations become fair game.

To provide security in depth, cloud providers will need to consider and evaluate various security architectures by performing the following:

• Disk encryption versus data encryption
• Vigilant monitoring of their infrastructure and its employees
• Configuration of all systems to delete temporary files and encryption keys upon ending the session
• Careful management and prompt destruction of system snapshots when they are taken by system administrators (these snapshots  should also be carefully managed under strict policies and procedures and destroyed as soon as their purpose is fulfilled)
• Provisioning the ability to detect rogue virtual machines
• Ensuring that privacy and compliance requirements of a customer are not breached
• Conducting regular internal and external vulnerability assessment and analysis
• Conducting audits daily, since the network is dynamic

Note: The above tips are not meant to be comprehensive.