Apple’s opposition to an FBI request to unlock the iPhone of Syed Rizwan Farook, the shooter in the December terrorist attack in San Bernardino, CA, has raised the issue of data privacy and security, not just on individual devices but also when devices are connected to the cloud.
Your device or on-premise server might be protected, but what about when you connect them to the cloud? It may be vulnerable to attackers or be subject to government requests.
Cloud security introduces different challenges because there are more players, said Mark Nunnikhoven, vice president of cloud research at Trend Micro Inc. Also, the type of security you want depends on what you want to protect your data from. Do you want to protect it from hackers or protect it from government agencies?”
It’s an issue a lot of companies are thinking about and taking steps to address, said Ellen Rubin, CEO of ClearSky Data. And the first line of defense for them, she said, is encryption. In fact, the argument any cloud service provider (CSP) will make is that if you are concerned about your data—whether because of hackers or governments wanting access—you must encrypt your data, she said.
And the data must be encrypted at rest, as well as in transit to the cloud—whether it’s a public, private or hybrid cloud environment, Nunnikhoven said.