Bring
Your Own Encryption provides companies with a viable way to address data
sovereignty concerns in a cloud environment.
CAIRO, Egypt, 10th
December, 2015: While cloud computing, virtualisation, and other
enabling technologies are integral to the Always-On business, Gregg Petersen, Regional Director, Middle
East and SAARC at Veeam Software, feels it should not detract from the
importance of security. He discusses how Bring Your Own Encryption (BYOE) could
reprioritise this for decision-makers in Egypt.
“The
BYOE security model gives cloud customers complete control over the encryption
of their data. In essence, this enables them to use a virtualised example of
their own encryption software together with the applications they are hosting
in the cloud, to encrypt their data. At the same time, cloud providers are
finding innovative ways to let users manage their encryption keys,” he says.
Up
to now, questions around data sovereignty drove the majority of decisions
around moving to the cloud. After all, having corporate data being subjected to
the laws of the country in which it is located has created additional
challenges for CIOs the globe over.
With
BYOE, it does not matter where organisational data resides as the company has
its own encryption key.
This
places the onus on the business to encrypt the data locally before storing it
offshore. Given the connectedness of the world and the extent at which people
access back-end corporate data using a myriad of devices irrespective of
location, this is an especially empowering way of going about security.
It
is a great way of diversifying the backup strategy of an organisation. Not only
does it mean there are local and off-site copies available, it also provides
decision-makers with the added peace of mind that the data is secure from
prying eyes.
“Of
course, this does not mean companies should embark on a mass exodus and migrate
to international solutions providers. Instead, BYOE gives companies the
flexibility to use local cloud providers as their primary option and offshore
data centres as additional backups once the data is encrypted,” says Gregg.
However,
when it comes to this model one of the biggest concerns is what happens if the
encryption key is lost? After all, encryption is theoretically a single point
of failure that could see all corporate data lost.
“There
are ways to address this. As an example, Veeam has implemented a feature where it
can generate a new encryption key for the company. This is done once certain elements
have been verified and provides customers with a fail-safe solution around
encryption,” he adds.
However,
BYOE does not mean there is an inherent distrust towards cloud providers.
Rather, it is about securing corporate information as effectively as possible
to meet regulatory requirements.
“This
is where trust partnerships with vendors come in. If a corporate relies on a
service provider who understands its unique requirements, the best way to
enhance the relationship is to integrate BYOE. The Always-On business requires
an environment that is conducive to innovation and leveraging the best
technologies for the needs of the business. BYOE supplements that from a
security perspective,” he concludes.