Cloud Key Management: Coming to a Cloud Near You

September 9, 2014

Cloud offerings are becoming a mainstay in Internet resources, and enterprises are embracing cloud offerings in one form or another as part of their cloud strategy (and cloud key management strategy). These strategies vary greatly from Internet-as-a-service to software-as-a-service. The depth of any deployment also varies from a hybrid combination of services to a focused and very granular implementation that uses technical controls to restrict access to specific roles of specific employees in an enterprise.

The flexibility of the cloud makes the breadth and depth of options readily available, easy to deploy and capable of adopting new innovations and technology faster than a single-enterprise data center. This is also true of cloud key management.

Everything that has been deemed viable in a data center is now being implemented in a cloud. In addition to being more flexible, cloud deployments are being achieved at a lower initial and operational cost. Who wants to deal with power, air conditioning, cable and rack space, anyway? With a click of a mouse, you can have your cloud data center up and operating — bam!

The cloud might not be the end-all solution for everybody, but if its growth in mobile apps and cloud-based services is any indication, it is very clear that enterprises must adopt a cloud strategy to remain flexible and competitive. If they don’t, they can look at the history of companies such as Research in Motion, Nortel and Digital Equipment Corporation to see what can happen if enterprises don’t remain flexible and competitive. Sometimes the best, most strategic options are not coming from what existing customers say they need, but rather what the untapped market of customers really wants. Frequently, those options are not intuitive.

The cloud is happening. The cloud is coming. The cloud is here. Enterprises must adopt cloud strategies. In response, the cloud has changed and is still changing to help large and small enterprises be more flexible and competitive than ever. But how is the cloud changing? What will address the needs and concerns of enterprises that are inhibiting their move to the cloud?

Cloud Keys and Cloud Key Management

Data is like water — it goes everywhere. It leaks, spreads, changes form, expands and replicates. Putting it back after it is in the wild is virtually impossible. It’s like trying to catch crickets and put them in a glass jar without letting any of those already in the jar get out.

To no surprise, data confidentiality in the cloud is a primary concern of enterprises. However, that concern can be alleviated if there is a demonstration of the comprehensive and integrated suite of controls that are behind any cloud offering. Such a comprehensive architecture must deploy more than a single technology bullet to control the dynamic petabytes of data overseen. It takes policy, progress and technical controls, all integrated and working as a single ecosystem of security.

With all this data, not everything can be reasonably tracked. However, it can be controlled with a secure ecosystem that provides the suite of controls necessary to alleviate the security concerns for the marketplace. Enterprises need confidentiality, integrity and availability of data.

The strategy comes down to leveraging data. In other words, technical controls should be implemented so that large amounts of data are managed by controlling much smaller amounts of data. Think of the flight controls in an aircraft. These are a small set of controls that are able to easily manage a very large machine.

In the context of data, data leverage is achieved through implementing technical controls based on the open deployment of cryptography and key management. If you control the keys, you control the data. You can control petabytes of data by controlling kilobytes of keys (as is implied, kilobytes are much smaller than petabytes).

Controlling Access to the Cloud

The conventional view of the cloud is that it is a highly scalable environment that can store all data, has the necessary processing capabilities and is available to authorized individuals. However, with all that data, how can you technically control access (versus policy or procedure controls)? This is done through data leverage: using cryptographic keys to control the confidentiality and availability of data. Enterprise key management in the cloud, or cloud key management, will bring enterprises the seamless and simple capability to enforce confidentiality in the cloud and provide that capability to an endlessly scalable level.

This means that enterprise key management will be one of the necessary, centralized mechanisms that will help manage the confidentiality of all the data in the cloud. Enterprises will control their keys and, as a result, control their data. Cloud key management is coming and will be a natural extension of enterprise key management. It is already being adopted by enterprises that are leaders in their space. It is being offered to consumers and taking many forms, from being deployed on-premises with network access to the cloud to being completely deployed in the cloud. It will be flexible. With cloud key management, you will have data leverage in the cloud.
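
The data-leverage idea in this section, and the kilobytes-versus-petabytes point made earlier, can be shown as envelope encryption. This is an added example, not code from the original article or from any product it describes. The function names, record layout and object ID are assumptions for illustration, and in a real deployment the master key (KEK) would live in a key manager or HSM rather than in process memory.

```javascript
// Added example: envelope encryption, where one small key (KEK) controls many objects.
const crypto = require('node:crypto');

// AES-256-GCM seal: returns nonce (12) || tag (16) || ciphertext.
function seal(key, plaintext, aad) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]);
}

// Reverse of seal(); throws if the key, the AAD or the blob is wrong.
function open(key, blob, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(aad);
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Encrypt one object under a fresh data key (DEK), then wrap the DEK under the KEK.
// Only the wrapped DEK and the ciphertext are stored next to the object.
function encryptObject(kek, objectId, data) {
  const dek = crypto.randomBytes(32);
  const aad = Buffer.from(objectId); // binds both blobs to this object ID
  const record = { objectId, wrappedDek: seal(kek, dek, aad), ciphertext: seal(dek, data, aad) };
  dek.fill(0); // best-effort wipe of the plaintext DEK
  return record;
}

// Reading the object requires the KEK: without it the DEK cannot be unwrapped.
function decryptObject(kek, record) {
  const aad = Buffer.from(record.objectId);
  const dek = open(kek, record.wrappedDek, aad);
  try { return open(dek, record.ciphertext, aad); } finally { dek.fill(0); }
}

// KEK rotation re-wraps only the 60-byte wrapped DEK; the bulk ciphertext is untouched.
function rewrap(oldKek, newKek, record) {
  const aad = Buffer.from(record.objectId);
  const dek = open(oldKek, record.wrappedDek, aad);
  try { return { ...record, wrappedDek: seal(newKek, dek, aad) }; } finally { dek.fill(0); }
}
```

Once the old KEK is destroyed or access to it is revoked, every object still wrapped under it becomes unreadable, regardless of where copies of the ciphertext have spread.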

Over the coming months and years, be sure to keep an eye out for cloud key management. It is becoming a capability of cloud solutions, it is part of cryptography for business and it will grow to become a ubiquitous part of any cloud offering. It is coming to a cloud near you.

Rick Robinson
Product Manager, Encryption and Key Management

Rick Robinson comes from a diverse background of architecture, development, and deployment of new products and services that employ cryptography in one form ...