How do customer-managed data encryption keys work with sync and share?
By Terri McClure, SearchCloudStorage. See original article here.
Most sync-and-share products encrypt data, but a growing number of vendors are handing encryption key management over to customers.
Management of data encryption keys has been in the news a lot lately, with enterprise file sync-and-share vendors such as Citrix ShareFile, Syncplicity, Intralinks and Box Inc. all making announcements in the past six months regarding customer-managed keys. This feature allows IT organizations to hold decryption keys for data stored in the cloud. Successful key management plays a critical role in keeping online file system data secure.
Vendors have introduced customer-managed keys to address the issue of accessibility of data by the service provider. Almost all enterprise file sync-and-share cloud service providers encrypt customer data when it is stored in their service. Many of them also hold the data encryption keys. They do this for a very good reason -- to facilitate sharing of information between users and domains. So if user A wants to share a file with user B, the service provider acts as a broker between the two -- and to do that, the provider needs to be able to give user B access to the file.
There can be issues with this approach. If the cloud provider holds both the data and the keys, a hacker could get into the service provider's data center and access both items. Or a rogue employee within the service provider's organization could get at the keys and the data, opening up a host of issues around potential security breaches. These services usually store the keys in different locations than the data, adding a layer of security, but the keys are maintained outside of a customer's standard security policies and practices.
Another thing to think about regarding the service provider holding both the keys and data is that the provider can turn over data in the event of a subpoena -- and every provider we've asked has said it is their policy to do so if they have access to the data, and they may turn over the data without notifying the company that actually owns it.
So it's no surprise there has been a focus on customer-managed encryption keys from the enterprise file sync-and-share service provider community. If the customer manages the keys, the cloud provider cannot turn over the data it holds without subscriber knowledge -- the subscribing company must be involved in the process. It also means a rogue service provider employee can't access the files. But there are downsides to customer-managed data encryption keys. The customer must follow best practices when it comes to key management -- rotating and backing up keys -- because if keys are compromised or lost, so is the data. The service provider cannot help in the recovery process if it doesn't have access to encryption keys.
In choosing the right encryption key management processes for your company, you should think about the types of company data you want to store in an online file-sharing product. For information that requires high security (IP, regulated data), you may want to consider an offering that allows you to manage your own keys to ensure that any data stored in the cloud and accessed by a hacker (or a rogue employee in the cloud data center) is nothing more than useless bits and bytes. Regardless of who has access to or owns the keys, activity around keys should always be logged for auditing purposes.
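The practices named above (rotating keys, backing them up, and logging key activity) can be checked mechanically once the customer holds the keys. The following is an added example, not from the original article or any vendor's product; the key inventory, the audit log format, the policy thresholds and the approved-caller names are all constructed assumptions.

```python
from datetime import datetime, timedelta

MAX_KEY_AGE = timedelta(days=365)          # assumed rotation policy
MAX_BACKUP_AGE = timedelta(days=30)        # assumed backup policy
APPROVED = {"sync-gateway", "backup-job"}  # hypothetical approved callers

# Constructed sample data: customer key inventory and key-activity audit log.
KEYS = [
    {"id": "kek-2013", "created": "2013-01-10", "last_backup": "2014-11-20"},
    {"id": "kek-2014", "created": "2014-09-01", "last_backup": None},
]
AUDIT_LOG = """\
2014-11-20T01:00:00 backup-job backup kek-2013 ok
2014-12-01T09:14:02 sync-gateway unwrap kek-2014 ok
2014-12-01T09:15:40 j.doe export kek-2014 ok
2014-12-01T23:02:11 sync-gateway unwrap kek-2012 denied
"""

def review_keys(keys, now):
    """Flag keys that are overdue for rotation or lack a recent backup."""
    findings = []
    for k in keys:
        if now - datetime.fromisoformat(k["created"]) > MAX_KEY_AGE:
            findings.append((k["id"], "rotation overdue"))
        backup = k["last_backup"]
        if backup is None or now - datetime.fromisoformat(backup) > MAX_BACKUP_AGE:
            findings.append((k["id"], "no recent backup"))
    return findings

def review_log(log_text, known_ids):
    """Flag key activity by unapproved actors or against keys not in inventory."""
    findings = []
    for line in log_text.splitlines():
        ts, actor, action, key_id, _result = line.split()
        if actor not in APPROVED:
            findings.append((ts, f"{action} of {key_id} by unapproved actor {actor}"))
        if key_id not in known_ids:
            # Data protected by a key missing from inventory may be unrecoverable.
            findings.append((ts, f"{action} references unknown key {key_id}"))
    return findings

if __name__ == "__main__":
    now = datetime(2014, 12, 3)  # fixed review date so the output is repeatable
    for finding in review_keys(KEYS, now):
        print("KEY ", *finding)
    for finding in review_log(AUDIT_LOG, {k["id"] for k in KEYS}):
        print("LOG ", *finding)
```

The request against `kek-2012` illustrates the loss case: a file still depends on a key that is no longer in the customer's inventory, and the provider has no copy to fall back on.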