Key Management in a Multi-Cloud Data Encryption Environment
Cloud. Multi-cloud. Hybrid cloud. Today, 74% of enterprises describe their strategy as hybrid/multi-cloud, according to Forrester. These numbers are confirmed by Gartner, projecting that 75% of mid-size and large organizations will adopt hybrid and multi-cloud IT strategies by 2021. With 62% of public cloud adopters using two or more cloud environments, it’s no wonder that securing IT environments spread across multiple clouds can be a top challenge facing enterprises, especially when it comes to key management.
Moving workloads from one cloud to another involves decryption, moving, and re-encryption, potentially leaving data unprotected in transit. These and other problems can turn into an unmanageable nightmare in hybrid and multi-cloud environments.
In a typical cloud platform, secret keys are generated and managed directly by the cloud platform’s cryptographic environment. While this does establish a high degree of security when the organization lets the cloud provider manage its cryptographic keys, that organization loses control over these keys and its ability to migrate to a different provider, if needed. This also presents a major risk to the organization, as there are limited capabilities for the organization to back up its cryptographic keys.
Take for example, an outage at the cloud provider, which would lead to the loss of those secret keys and there is no way for the organization to recover their encrypted data. Furthermore, if the cloud provider directly manages an organization’s cryptographic keys, local employees could access the organization’s sensitive data if proper oversight and controls are not in place. If the local organization is issued a legal order, they are left with no choice but to comply and hand over the organization’s keys.
Multi-Cloud Key Management Data Encryption Solutions
To address these challenges, many organizations are looking for a Bring Your Own Key (BYOK) solution, where they can provide and manage their own encryption keys used by the cloud service providers.
In our webinar “Mastering Key Management in a Multi-Cloud Environment,” we will help you take control. We’ll look at the trends and advantages of multi-cloud deployments, the challenges of encryption key management in a multi-cloud world, and cloud-neutral approaches to encryption key management.
Learning Objectives:
- Understand the challenges of encryption key management in a multi-cloud world
- Learn how to avoid creating cloud silos and better protecting data flows between clouds
- Learn how to implement a cloud-neutral approach to encryption key management