Seite 74 - Cloud Services and Big Data

Implementation of Cloud Services in a Business Environment
65
encrypts one or more fields. This kind of encryption helps speeding up deployment,
enforces employed policies automatically and also aids to prevent potential data
loss for companies that are using Customer Relationship Management tools,
collaboration software, file sharing and cloud storage applications (Dash, 2013).
7.6.4
Enterprise Key Control & Efficient Key Management
If the cloud service provider has autonomy of the keys, used for encryption, data
stored and processes in the cloud runs the risk of being a victim of hackers, insider
fraud or disclosures to law enforcement (Dash, 2013). A recent study conducted by
Gartner (2012) recommends to manage the keys locally (e.g. in the company) to
comply with local privacy requirements and data residency concerns for data
crossing borders.
An efficient key management further comprises efficient key assignment, periodic
key rotation, as well as re-encryption of data, using new keys (Dash, 2013).
7.6.5
Open Platform
An important demand for today’s encryption tools is the seamless integration into a
company’s existing security system. Thus the decision for a technique that enables
efficient cloud encryption should be based on integration considerations (Dash,
2013).
7.6.6
General Recommendations & Encryption Tools
It is advisable to use best practice key management cases, derived from credible
sources. In order to maintain the sovereignty over encryption processes, companies
should refer to their own keys or at least use a trusted cryptographic service. With
regard to the encryption of databases, the Cloud Security Alliance (2011)
recommends to use standard algorithms, because they have already been proven
working. Old and outdated encryption standards, such as the Data Encryption
Standards should be avoided, because these standards are no longer applicable for