How to Secure Data for Transport in Cloud Computing
5 of 6 in Series: The Essentials of Managing Data in Cloud Computing
When transporting data in a cloud computing environment, keep two things in mind: Make sure that no one can intercept your data as it moves from point A to point B in the cloud, and make sure that no data leaks (malicious or otherwise) from any storage in the cloud.
In the cloud, the journey from point A to point B might be within a cloud environment, over the public Internet between an enterprise and a cloud provider, or between clouds.
The security process may include segregating your data from other companies’ data and then encrypting it by using an approved method. In addition, you may want to ensure the security of older data that remains with a cloud vendor after you no longer need it.
A virtual private network (VPN) is one way to manage the security of data during its transport in a cloud environment. A VPN essentially lets you treat the public network as your own private network, instead of using dedicated connectivity. A well-designed VPN needs to incorporate two things:
A firewall to act as a barrier between the public Internet and any private network (such as the one at your enterprise).
Encryption to protect your sensitive data from hackers; only the computer that you send it to should have the key to decode the data.
Your level of concern about security may vary, depending on the governance requirements for your data. In some situations, such as with a test environment processing test data, you may have limited concerns about some of these security and privacy issues. In other situations, where you may have a lot at risk if the security and privacy of your data are compromised, you need to evaluate how your cloud vendor treats the security issues.
In addition, you will need to determine how you can audit the ongoing security processes to make sure that your data remains secure.
Concerns about privacy and security of data have contributed to many companies' interest in developing private cloud environments (where company data remains inside the firewall) and in considering hybrid cloud environments (which incorporate some elements of a private cloud and some elements of a public cloud).