There exists a false sense of security around the effectiveness of SSL. A number of people believe that leveraging an encrypted (SSL) channel of communication between the enterprise and the cloud will protect their data at all times. While that is true to a certain extent, I’d like to bring up a few points:
1. SSL only protects your information while it’s being transmitted over the internet, and not once it reaches it’s destination. SSL could be terminated at the cloud provider’s network edge (load balancer) or even much earlier if 3rd party solutions like Akamai are being leveraged (a number of providers share their private keys with Akamai). A malicious insider at the cloud provider or 3rd party could potentially gain access to your data via a man-in-the-middle attack.
2. Like most other software technologies, SSL is prone to security flaws. For example, a serious SSL vulnerability was exposed in late-2009 that allowed secure web sessions to be attacked.
3. Some cloud providers apply traditional database encryption to their customers’ data. Customers however question the effectiveness of this because the keys are ultimately stored by the same cloud providers. This certainly doesn’t address one of the top threats to cloud computing as listed by CSA – unauthorized access to data by malicious insiders. The DBA who has access to your data will likely also have access to the encryption keys.
4. Even if the insider threat is not a concern for your organization, it might be worth assessing the current attack vectors. According to the SANS Institute, attacks against web applications constitute 60% of the total attack attempts observed on the internet. Database encryption fails to protect against such attacks, as data is decrypted prior to being presented to the web application.
5. Most security conscious customers who care about encrypting data at rest also want the ability to manage and maintain their encryption keys. Cloud providers do not have solutions in place that would allow customers to retain ownership of encryption keys and manage them according to their organizational security standards.
CipherCloud: A new model for encrypting data in the cloud
One of the first principles of cloud data protection that we discussed in a previous blog post was: Provide customers full control over their data in the cloud. Cloud providers should not have access to any sensitive customer data.
Rather than relying on cloud providers to encrypt data, CipherCloud enforces your data protection policies, by encrypting sensitive data before it leaves the enterprise network. The encryption keys remain under your control at all times, and are not shared with any 3rd party. You can implement your key lifecycle management (creation, archival, rotation, deleting, etc.) policies as required and integrate with enterprise key management systems.
This eliminates any dependency on the cloud provider to protect your data. Further it eliminates the risk of a security breach resulting from a network, OS, physical, database or web-application level attack outside of your enterprise.