Cloud offerings are becoming a mainstay in Internet resources, and enterprises are embracing cloud offerings in one form or another as part of their cloud strategy (and cloud key management strategy). These strategies vary greatly from Internet-as-a-service to software-as-a-service. The depth of any deployment also varies from a hybrid combination of services to a focused and very granular implementation that uses technical controls to restrict access to specific roles of specific employees in an enterprise.

The flexibility of the cloud makes the breadth and depth of options readily available, easy to deploy and capable of adopting new innovations and technology faster than a single-enterprise data center. This is also true of cloud key management.

Everything that has been deemed viable in a data center is now being implemented in a cloud. In addition to being more flexible, cloud deployments are being achieved at a lower initial and operational cost. Who wants to deal with power, air conditioning, cable and rack space, anyway? With a click of a mouse, you can have your cloud data center up and operating — bam!

The cloud might not be the end-all solution for everybody, but if its growth in mobile apps and cloud-based services is any indication, it is very clear that enterprises must adopt a cloud strategy to remain flexible and competitive. If they don’t, they can look at the history of companies such as Research in Motion, Nortel and Digital Equipment Corporation to see what can happen if enterprises don’t remain flexible and competitive. Sometimes the best, most strategic options are not coming from what existing customers say they need, but rather what the untapped market of customers really wants. Frequently, those options are not intuitive.

The cloud is happening. The cloud is coming. The cloud is here. Enterprises must adopt cloud strategies. In response, the cloud has and is changing to help large and small enterprises be more flexible and competitive than ever. But how is the cloud changing? What will address the needs and concerns of enterprises that are inhibiting their move to the cloud?

Cloud Keys and Cloud Key Management

Data is like water — it goes everywhere. It leaks, spreads, changes form, expands and replicates. Putting it back after it is in the wild is virtually impossible. It’s like trying to catch crickets and put them in a glass jar without letting any of those already in the jar get out.

To no surprise, data confidentiality in the cloud is a primary concern of enterprises. However, that concern can be alleviated if there is a demonstration of the comprehensive and integrated suite of controls that are behind any cloud offering. Such a comprehensive architecture must deploy more than a single technology bullet to control the dynamic petabytes of data overseen. It takes policy, progress and technical controls, all integrated and working as a single ecosystem of security.

With all this data, not everything can be reasonably tracked. However, it can be controlled with a secure ecosystem that provides the suite of controls necessary to alleviate the security concerns for the marketplace. Enterprises need confidentiality, integrity and availability of data.

The strategy comes down to leveraging data. In other words, large amounts of data should be controlled by implementing controls so that the management of large amounts of data is achieved by controlling smaller amounts of data. Think of the flight controls in an aircraft. These are a small set of controls that are able to easily manage a very large machine.

In the context of data, data leverage is achieved through implementing technical controls based on the open deployment of cryptography and key management. If you control the keys, you control the data. You can control petabytes of data by controlling kilobytes of keys (as is implied, kilobytes are much smaller than petabytes).

Controlling Access to the Cloud

The conventional wisdom of the cloud is a highly scalable environment that can store all data, have necessary processing capabilities and be available to authorized individuals. However, with all that data, how can you technically control access (versus policy or procedure controls)? This is done through data leverage: using cryptographic keys to control the confidentiality and availability of data. Enterprise key management in the cloud, or cloud key management, will bring enterprises the seamless and simple capability to enforce confidentiality in the cloud and provide that capability to an endlessly scalable level.

This means that enterprise key management will be one of the necessary, centralized mechanisms that will help manage the confidentiality of all the data in the cloud. Enterprises will control their keys and, as a result, control their data. Cloud key management is coming and will be a natural extension of enterprise key management. It is already being adopted by enterprises that are leaders in their space. It is being offered to consumers and taking many forms, from being deployed on-premise with network access to the cloud to being completely deployed in the cloud. It will be flexible. With cloud key management, you will have data leverage in the cloud.

Over the coming months and years, be sure to keep an eye out for cloud key management. It is becoming a capability of cloud solutions, it is part of cryptography for business and it will grow to become a ubiquitous part of any cloud offering. It is coming to a cloud near you.

More from Cloud Security

How I got started: Cloud security engineer

3 min read - In today’s increasingly cloud-focused business environment, cloud security engineers are pivotal in protecting an organization’s critical data and infrastructure. As experts in cloud security, they leverage their expertise to ensure that the ever-expanding amount of cloud data is safe from emerging threats and vulnerabilities. Cloud security professionals combine their passion for technology with a deep understanding of security principles to design and implement robust cloud security strategies. What experience do these security experts have, and what led them to the…

“Authorized” to break in: Adversaries use valid credentials to compromise cloud environments

4 min read - Overprivileged plaintext credentials left on display in 33% of X-Force adversary simulations Adversaries are constantly seeking to improve their productivity margins, but new data from IBM X-Force suggests they aren’t exclusively leaning on sophistication to do so. Simple yet reliable tactics that offer ease of use and often direct access to privileged environments are still heavily relied upon. Today X-Force released the 2023 Cloud Threat Landscape Report, detailing common trends and top threats observed against cloud environments over the past…

Lessons learned from the Microsoft Cloud breach

3 min read - In early July, the news broke that threat actors in China used a Microsoft security flaw to execute highly targeted and sophisticated espionage against dozens of entities. Victims included the U.S. Commerce Secretary, several U.S. State Department officials and other organizations not yet publicly named. Officials and researchers alike are concerned that Microsoft products were again used to pull off an intelligence coup, such as during the SolarWinds incident. In the wake of the breach, the Department of Homeland Security…

What you need to know about protecting your data across the hybrid cloud

6 min read - The adoption of hybrid cloud environments driving business operations has become an ever-increasing trend for organizations. The hybrid cloud combines the best of both worlds, offering the flexibility of public cloud services and the security of private on-premises infrastructure. We also see an explosion of SaaS platforms and applications, such as Salesforce or Slack, where users input data, send and download files and access data stored with cloud providers. However, with this fusion of cloud resources, the risk of data…