(Background) Tune from Star Trek.
With “cloud”y skies ahead what really is the last line of defense for our digital age? It’s the data. The data is really the final frontier of defense for our sensitive information. Storage in the cloud, email in the cloud, collaboration in the cloud. There really are no cloud security mechanisms in place or cloud standards or compliance that these vendors have to up hold. So if you choose to use the cloud – protect your information. Solutions such as DLP (client based) hard drive encryption, email encryption, database encryption can all be used to augment existing cloud security. In addition, some vendors have solutions that require a boot password for virtual instances. Not 100% if Spock’s half brother is spinning up your VM’s in Amazon’s EC2 cloud? Afraid of someone copying those instances? No problem, force a pre boot password to ensure no unauthorized users have access to that information.
This is your captain speaking…how we manage key storage, encryption and cloud security will be a challenging time for all of us. Strap yourself in Scotty…it’s gonna be a bumpy ride.