Security aspects that must be considered when deploying cloud services
Surging demands on IT infrastructure, combined with a talent shortage, are leading to an intensified adoption of public and private cloud environments. This inevitably increases the requirement for highly secure encryption techniques, such as those that encrypt cloud-based applications.
When starting deployment in the cloud, companies should consider the following;
- Which data will be uploaded to the cloud
- Which processes will be running in cloud infrastructures
- Which services should be deployed as a service and which will stay on-premise
- The location(s) of the CSP, and
- Which rules do apply in these locations.
By opting for a modern, highly available and easy-to-implement cloud-based encryption solution, the risk of unauthorized access to keys or secrets can be mitigated. The major Cloud Service Providers are aware of their customer’s cyber security needs and therefore added SaaS offerings such as key management and hardware security modules to their portfolio.
However, by selecting one of these services, companies are tied to a single cloud vendor and are unable to implement multi-cloud strategies.
UTIMACO provides various HSMs and Key Management solutions that can be deployed “as a Service” and are multi-cloud ready.