The most popular and comprehensive Open Source ECM platform
In survey after survey, companies are responding that they are incredibly intrigued by the potential of cloud computing, but almost universally there continues to be worry about the security of data that would get moved to the cloud. Some vendor companies have viewed the cloud security problem as an opportunity and made it the focus of their business.
One approach that some companies like Boston-based Nasumi are taking is to ensure strong encryption of all data that is moved into the cloud. By doing this the company notes the following advantages:
1) Multi-tenancy leaks. Cloud providers are able to pass cost savings onto their customers by building their software to support multi-tenancy, a technique that allows multiple customers to share the same server and resource installation of a software application but be partitioned in such a way that a single customer is not aware that the application is being shared with other customers. Typically data is secured in the application using access controls and software-based security constructs. Because the data from all customers is typically stored in the same location there is the worry that data from one customer could potentially leak and be visible to another customer as a result of a software defect. If data is encrypted, even if it gets leaked, it’s not a problem since the data would need to be decrypted before the information would be compromised.
2) Data Transmission. If data is intercepted during transmission to or from the cloud location, the information could potentially be compromised. Encrypting data prior to transfer solves this problem.
SSL is an already accepted solution to securing the transmission of data, so the second advantage of data encryption is redundant to what already done today on a standard basis.
Data encryption certainly makes sense for securing files uploaded to the cloud and later downloaded from it. But most cloud applications require some level of access to the data that they manage. For example, even document management solutions would ideally have access to the file data to be able to construct a full-text search index. Data stored in relational databases are at the heart of popular cloud computing applications like CRM. For these cloud/SaaS applications to be able to search, retrieve and present the data that they manage to users, the applications must be available to have access to the unencrypted data. But once data is unencrypted on the server, the same issues around data security and data leaks become a worry again.
While it seems clear that data encryption will play a key role in securing the cloud, encryption by itself is not the complete solution.