We find the roots of the art of cryptography in warfare. Critical messages and war strategies were exchanged between allied armies after applying cryptography, so that the plans and strategies remained well guarded secrets.
Even if the enemy got hold of the message somehow, it could still not make any sense out of that message. As we enter a technology driven era, the war has shifted from the physical battlefields to the cyber space.
Hence, the importance of cryptography is paramount these days. What further enhances the importance of cryptography in cloud security is the very nature of cloud solutions. In the case of the public cloud, data normally resides with the Cloud Service Provider (CSP).
In this post, we will touch upon the concept of cryptography, its two major types, and the ways in which this great security mechanism can be actually applied.
How Does Cryptography Work in IT?
Instead of relaying sensitive information, data or commands directly over the cyber space, an encryption algorithm is applied first. This in turn converts the message into an illegible form, for both the intended and un-intended recipients.
This is where it gets really interesting. The intended recipient of the encrypted information will however be possessing the decryption key, which is in fact the algorithm that again converts that information into an understandable format for the intended user.
While in transit, and without the decryption key, this information will remain completely un-intelligible for a cyber miscreant who somehow manages to get hold of this data or information while it was in transit to the intended recipient.
The two most commonly used encryption methods are Symmetric and Asymmetric encryption, and we will discuss both.
In this simpler encryption method, the same key / algorithm is used for both the operations, that is encryption as well as decryption. While simpler, this method poses challenges on how to securely convey the key to the intended recipient.
This method brings an added layer of security in the whole process. In this encryption method, two separate set of keys / algorithms are used, which are the public and private keys. Any user who has the public key is eligible to send the information securely.
However, only the holder of the private key can decrypt this information at the other end. So, the private keys are circulated only to the intended persons. This method also makes the management process of keys a whole lot simpler.
Now, let us briefly touch upon the most commonly used types of encryption in real world scenarios.
Encryption at Rest
This is one of the most widely used types of encryption. As the name suggests, this technique will keep your sensitive data in encrypted form, so long as it is not being used by any application or software. Upon use, the data will lose its encrypted state.
This type of encryption raises the security level by one more notch. This type of encryption maintains the un-intelligible state of your data or information, while it is in transit. This prevents your data from loss, theft or un-authorized access while it moves.
Encryption in Use
This is one of the most secure types of encryption, as it retains the encrypted state of your sensitive data or information while it is in use. So, as we escalate the type of encryption technique, and its application surface, it keeps on becoming more resource intensive.
The Importance of Key Management
If you look at it this way, encryption is all about the keys / algorithms. The better protected your key management and controls that you put in place, the more effective will be your entire encryption environment, whether its on-premise or hosted in the Cloud.
The costs of data loss, breach and theft clearly outweigh the costs associated with going for encryption, no matter which type or method of encryption you deploy. So, enterprises will have to look at this security mechanism with a broader horizon.
It is always a good idea to separate the management of encryption keys from the service provider itself, especially in the case of the Cloud. This introduces both data autonomy and improved security for the deploying enterprise.
Contact dinCloud for reliable and secure Cloud Hosted Solutions, which are offered in a wide range of options, depending on your unique needs.