The former chief technology officer for the Central Intelligence Agency is a big fan of data encryption.
Ira “Gus” Hunt told Bloomberg News that if “all data is encrypted everywhere all the time,” people like accused data thief Edward Snowden would be stopped from leaking classified documents to the press, and worse, because even if systems containing data were breached, the data itself would be protected.
Last year Snowden, a computer analyst, was charged with espionage by the U.S. government for leaking top-secret NSA documents, leading to revelations about U.S. surveillance on phone and internet communications.
The fallout from Snowden’s alleged espionage has led companies like Google and Yahoo to take greater measures to ensure the security of the data on their networks since it was revealed that the information Snowden is accused of stealing was obtained by National Security Agency secret programs.
Snowden committed his alleged spying while a systems administrator for NSA contractor Booz Allen Hamilton Holding Corp., and the information made sense once stolen only because it was not encrypted.
Snowden had direct access, but the future is favoring cloud-based storage as the primary method of storing data. Microsoft’s SkyDrive cloud storage service now has more than 250 million users worldwide, and a world that is transitioning to cloud-based data storage more each day means that keeping data safe is an ever more complicated concern.
Experts say that not only might your data be just as vulnerable in the cloud, it may as well be lumped in with the sensitive data of your competitors. Imagine what kind of powder keg that could turn into in the event of a security breach.
Many organizations believe the cloud doesn’t offer the security that their own data centers do. But cloud-based data can be made safe, if your data is encrypted:
- Encrypt your data.
Bloomberg News again quotes Ira “Gus” Hunt as saying, “Snowden would have needed a digital key to decipher the secrets after gaining access to them if the data was scrambled.”
- Retain control of your encryption keys.
Maintaining control of the literal keys to your cloud-based kingdom is paramount to its security. If your organization doesn’t want to manage encryption keys out of concerns surrounding disaster recovery, backup and availability, a third party can offer a solution: one party stores your encrypted data, while another service provider holds the keys to that data, effectively making your files inaccessible and unreadable to anyone but you.
- Leaving your service provider shouldn’t mean leaving your data.
Service providers often create copies or backups of your virtual machine so that they can achieve their operational uptime SLAs. It’s not realistic to believe a cloud service provider could completely retrieve and delete all copies once you decide to leave. When you hold the keys to your cloud data, decommissioning and deprovisioning are possible, cutting down on what you may leave behind in duplicate data, since any copies that remain are unreadable without your keys.
Be sure to get involved with an innovative provider of encrypted storage devices and top level remote management systems.
Written by Scott Belladonna of Data Locker, providing industry-leading hardware-encrypted storage devices in the United States. You can follow their business rambling on Twitter @Datalocker.