Bring Your Own Encryption provides companies with a viable way to address data sovereignty concerns in a cloud environment.
CAIRO, Egypt, 10th December, 2015: While cloud computing, virtualisation, and other enabling technologies are integral to the Always-On business, Gregg Petersen, Regional Director, Middle East and SAARC at Veeam Software, feels it should not detract from the importance of security. He discusses how Bring Your Own Encryption (BYOE) could reprioritise this for decision-makers in Egypt.
“The BYOE security model gives cloud customers complete control over the encryption of their data. In essence, this enables them to use a virtualised example of their own encryption software together with the applications they are hosting in the cloud, to encrypt their data. At the same time, cloud providers are finding innovative ways to let users manage their encryption keys,” he says.
Up to now, questions around data sovereignty drove the majority of decisions around moving to the cloud. After all, having corporate data being subjected to the laws of the country in which it is located has created additional challenges for CIOs the globe over.
With BYOE, it does not matter where organisational data resides as the company has its own encryption key.
This places the onus on the business to encrypt the data locally before storing it offshore. Given the connectedness of the world and the extent at which people access back-end corporate data using a myriad of devices irrespective of location, this is an especially empowering way of going about security.
It is a great way of diversifying the backup strategy of an organisation. Not only does it mean there are local and off-site copies available, it also provides decision-makers with the added peace of mind that the data is secure from prying eyes.
“Of course, this does not mean companies should embark on a mass exodus and migrate to international solutions providers. Instead, BYOE gives companies the flexibility to use local cloud providers as their primary option and offshore data centres as additional backups once the data is encrypted,” says Gregg.
However, when it comes to this model one of the biggest concerns is what happens if the encryption key is lost? After all, encryption is theoretically a single point of failure that could see all corporate data lost.
“There are ways to address this. As an example, Veeam has implemented a feature where it can generate a new encryption key for the company. This is done once certain elements have been verified and provides customers with a fail-safe solution around encryption,” he adds.
However, BYOE does not mean there is an inherent distrust towards cloud providers. Rather, it is about securing corporate information as effectively as possible to meet regulatory requirements.
“This is where trust partnerships with vendors come in. If a corporate relies on a service provider who understands its unique requirements, the best way to enhance the relationship is to integrate BYOE. The Always-On business requires an environment that is conducive to innovation and leveraging the best technologies for the needs of the business. BYOE supplements that from a security perspective,” he concludes.