Ensuring Trustworthy Data

In the cloud, company data that was previously secured inside a firewall may now move outside to feed any number of business applications and processes. Although cloud providers must have the proper controls in place to ensure the security and privacy of your data, you are ultimately responsible for your company’s data. This means that industry and government regulations created to protect personal and business information still apply even if the data is managed or stored by an outside vendor. For example, the European Union has implemented a complex set of data protection laws for its member states. In addition, industry regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) created to secure the privacy of individual healthcare information, must be followed whether or not your data is in the cloud. Healthcare organizations must require their subcontractors to comply with HIPAA privacy considerations and use reasonable security measures.

Assessing hybrid cloud data risks

You need to be concerned about a number of issues in a hybrid cloud environment. Of course, the level of risk depends on the kind of data that you’re trying to secure. This data can range in type from credit card transactions to Social Security data to internal social network site data. You need to decide what kind of data you’re willing to either put into the cloud or connect to the cloud based on the risk you’re willing to take if that data becomes compromised in some way or if you can’t access it. Here are just a few data-related risks to think about:

• Co-mingling of data: As we mention in Chapter 15, in a hybrid cloud, there’s a good chance that your data will be co-mingled with another company’s data on a server. Your neighbors, therefore, matter. For example, if one neighbor is successfully attacked, the attack could affect your data availability or security. Or, if one of your co-tenants engages in malicious activity, you can be affected. Your data might become compromised.

• Data deletion: If you end your contract with your service provider and ask it to delete your data, this procedure may not be done in a secure manner. That means some of your data may still be on the provider’s disks and that others can access it.

• Data breaches: Hackers are very much aware of the new cloud model and the fact that data is moving through the cloud. However, depending on where your data is located, your cloud provider may not have to let you know if its servers are breached. Breach notification laws that protect personal information can vary by country and state.

• Data seizure: Your data may be co-mingled with other companies’ data, which means if one company’s data is seized, yours might be, too. For example, in 2009, the FBI raided two Texas data centers and seized a number of servers. Companies that had data on servers that weren’t related to the investigation were severely affected. A number went out of business because they couldn’t uphold their obligations to their customers.

Warning: Hackers and thieves are always one step ahead of the latest security measure, so data protection tools need to be used wisely to provide adequate protection. For example, situations exist where thieves have been able to steal encrypted data. In one recent case, the data was encrypted only up to the point the data was delivered to the applications. At that point, it was decrypted, and that’s when the loss occurred. This loss could’ve been prevented if the receiving application had been allowed to control the decryption process.

Securing data in the cloud

The three key areas of concern related to security and privacy of data are

• Location of your data

• Control of your data

• Secure transport of your data

Remember: Cloud providers must ensure the security and privacy of your data, but you are ultimately responsible for your company’s data. This means that industry and government regulations created to protect personal and business information still apply even if the data is managed or stored by an outside vendor.

It’s important to note that some experts believe that certain kinds of data are just too sensitive for the public/hybrid cloud. This might include highly regulated data, such as medical information. Others believe that if the right level of transparency and controls can be provided, consumers can be protected. In some circles, this is an ongoing debate. Clouds that host regulated data must meet compliance requirements such as Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley, and HIPAA.

Tip: Because security is such a big issue, we’ve devoted Chapter 15 to it. In addition, if you want to learn more about security in the cloud, we point you to the Cloud Security Alliance (https://cloudsecurityalliance.org) for more information.


The location of data in the cloud

After data goes into the cloud, you may not have control over where it’s stored or how it’s used. Numerous issues are associated with this situation:

• Specific country laws: Security and regulatory laws governing data can differ across different geographies. For example, your own country’s legal protections may not apply if your data is located outside of it. A foreign government may be able to gain access to your data or keep you from having full control over your data when you need it.

• Transfer of data across country borders: A global company with subsidiaries or partners (or clients for that matter) in other countries may be concerned about cross-border transfer of data because of local laws. Virtualization makes this an especially tough problem because the cloud provider might not know where the data is at any particular moment, either.

• Secondary use of data: In public cloud situations, your data or metadata may be vulnerable to alternative or secondary uses by the cloud service provider. Without proper controls or service level agreements in place, your data may be used for marketing purposes. It could be merged with data from other organizations for such alternative uses. Also, the service provider may own any metadata (see the next section for a description of metadata) it has created to help manage your data, thus lessening your ability to maintain control over your data.

The control of data in the cloud

You may or may not have heard the term the CIA Triad. No, this isn’t about covert operations. CIA stands for Confidentiality, Integrity, and Availability. These three attributes have been around a long time in the world of auditing and management controls; they’re critical for data in the cloud environment for the following reasons:

• Confidentiality: Only authorized parties with the appropriate privileges can access certain data; that is, there’s no theft of the data.

• Integrity: Data is correct and no malicious software (or person) has altered it; that is, there is no tampering with the data.

• Availability: Network resources are available to authorized users.

These three attributes are directly related to controlling data. Controls include the governance policies set in place to make sure that data can be trusted. The integrity, reliability, and confidentiality of your data must be beyond reproach. This holds for cloud providers, too.

Remember: You must understand what level of controls will be maintained by your cloud provider and consider how these controls can be audited.

Here’s a sampling of different types of controls designed to ensure the confidentiality, integrity, and availability of your data:

• Input validation controls to ensure that all data input to any system or application are complete, accurate, and reasonable

• Output reconciliation controls to ensure that data can be reconciled from input to output

• Processing controls to ensure that data are processed completely and accurately in an application

• Access controls to ensure that only those who are authorized to access the data can do so. Sensitive data must also be protected in storage and transfer. Encryption can help to do this.

• Re-identification (the process by which anonymized personal data is matched with its true owner) controls to ensure that codes are kept in a separate location to prevent unauthorized access to re-identification information

• Change management controls to ensure that data can’t be changed without proper authorization

• Data destruction controls to ensure that when data is permanently deleted, it is deleted from everywhere — including all backup and redundant storage sites
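As an added illustration of what a few of these controls look like in practice (this is example code written for this page, not from the book or from any cloud provider), the Python below runs a constructed batch of patient records through an input validation control, an output reconciliation control, and a re-identification control before the data would leave for the cloud. The pseudonyms are keyed HMAC codes, and the code-to-identity mapping is held in a store separate from the exported rows, so anyone holding only the export cannot match records back to people. Record fields, thresholds, and the key are all assumed sample values.

```python
"""Example data controls (added illustration, not the book's code).

Controls shown:
  - input validation: records must be complete, accurate, and reasonable
  - output reconciliation: every input record is exported or rejected, none lost
  - re-identification: identifiers are replaced by keyed pseudonyms, and the
    code-to-identity mapping is kept in a separate store with its own key
Standard library only; all records, thresholds, and keys are constructed.
"""
import hashlib
import hmac
import secrets
from datetime import date

# Constructed sample batch. The last two records are deliberately defective.
SAMPLE_BATCH = [
    {"patient_id": "P-1001", "name": "Ada Example", "dob": "1981-04-12", "ldl_mg_dl": 120},
    {"patient_id": "P-1002", "name": "Ben Example", "dob": "1975-11-30", "ldl_mg_dl": 95},
    {"patient_id": "P-1003", "name": "", "dob": "1990-02-02", "ldl_mg_dl": 110},          # incomplete
    {"patient_id": "P-1004", "name": "Dee Example", "dob": "1988-07-07", "ldl_mg_dl": 9000},  # unreasonable
]

REQUIRED_FIELDS = ("patient_id", "name", "dob", "ldl_mg_dl")


def validate(record):
    """Input validation control: return None if acceptable, otherwise the reason."""
    # Complete: every required field is present and non-empty.
    for field in REQUIRED_FIELDS:
        if field not in record or record[field] in ("", None):
            return f"missing {field}"
    # Accurate: the date of birth parses and is not in the future.
    try:
        dob = date.fromisoformat(record["dob"])
    except ValueError:
        return "dob not ISO-8601"
    if dob > date.today():
        return "dob in the future"
    # Reasonable: a lab value outside a plausible range (assumed bounds) is rejected.
    if not 0 < record["ldl_mg_dl"] < 500:
        return "ldl out of range"
    return None


def pseudonym(identifier, pseudonym_key):
    """Keyed, deterministic pseudonym: equal identifiers map to equal codes,
    but the identifier cannot be recovered from the code without the key."""
    return hmac.new(pseudonym_key, identifier.encode(), hashlib.sha256).hexdigest()[:16]


def prepare_for_cloud(batch, pseudonym_key):
    """Apply the controls; return (export_rows, reident_store, reconciliation)."""
    export_rows, reident_store, rejected = [], {}, []
    for rec in batch:
        reason = validate(rec)
        if reason:
            rejected.append((rec["patient_id"], reason))
            continue
        code = pseudonym(rec["patient_id"], pseudonym_key)
        # Re-identification information lives apart from the exported rows.
        reident_store[code] = {"patient_id": rec["patient_id"], "name": rec["name"]}
        export_rows.append({"subject": code,
                            "birth_year": rec["dob"][:4],
                            "ldl_mg_dl": rec["ldl_mg_dl"]})
    # Output reconciliation control: inputs == exported + rejected, nothing silently dropped.
    reconciliation = {"input": len(batch), "exported": len(export_rows), "rejected": len(rejected)}
    if reconciliation["input"] != reconciliation["exported"] + reconciliation["rejected"]:
        raise RuntimeError("reconciliation failed: records unaccounted for")
    return export_rows, reident_store, reconciliation


def reidentify(code, reident_store):
    """Only a holder of the separate store can map a code back to a person."""
    return reident_store.get(code)


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # would be kept on premises, never shipped with the export
    rows, store, recon = prepare_for_cloud(SAMPLE_BATCH, key)
    print("reconciliation:", recon)
    for row in rows:
        print("export:", row)
    print("re-identified first row:", reidentify(rows[0]["subject"], store))
```

The exported rows carry a pseudonym, a birth year, and the lab value but no name or patient identifier; re-identification needs the separately held store, which is exactly the separation the control in the list above asks for. The reconciliation count gives an auditor a simple check that the export step neither dropped nor duplicated records.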

The concept of controls in the cloud is so important that the Cloud Security Alliance (https://cloudsecurityalliance.org) has put together a list of over 100 controls called the Cloud Controls Matrix (CCM) to guide cloud vendors and assist potential cloud customers in assessing the overall risk of the provider. The matrix outlines the controls, as well as architectural implications and the kinds of cloud delivery models (Infrastructure as a Service [IaaS], Platform as a Service [PaaS], Software as a Service [SaaS]) that the control pertains to.

Technical stuff: Controls can be disclosed. When cloud services are certified for ISO 27001 or SSAE 16, the scope of controls should be disclosed. ISO 27001 is an Information Security Management System standard that requires, among other things, that management (of your cloud provider) identify the risks it deems unacceptable and design a set of controls to treat them, which means you should be able to examine this plan. The Statements on Standards for Attestation Engagements No. 16, or SSAE 16, which was developed by the American Institute of Certified Public Accountants (AICPA), has replaced the Statement on Auditing Standards (SAS) 70, which service providers had used in the past. SSAE 16 is now the standard for reporting controls at service organizations. In SSAE 16, management at the service organization must provide a description of its “system” along with a written statement of assertion rather than a simple description of controls.

Tip: Your company needs to develop and publish a consistent set of rules and policies regarding the creation, capture, management, transmission, access, storage, and deletion of confidential and business-critical data. Use techniques, such as encryption and tokenization, to reduce exposure to data theft and misuse. We recommend speaking to your cloud provider regarding what controls it provides for your data.

The secure transport of data in the cloud

Say that you’ve decided to move some of your data to the cloud. Regarding data transport, keep two things in mind:

• Make sure that no one can intercept your data as it moves from point A to point B in the cloud.

• Make sure that no data leaks (malicious or otherwise) from any storage in the cloud.

These concepts are not new; the goal of securely transporting data has been around as long as the Internet. The issues you face moving your data from one point to another are really the same kinds of issues you might have faced moving your data from your data center in Pittsburgh to the one in Miami.

In the hybrid cloud, the journey from point A to point B might occur any number of ways: within a cloud environment, over the public Internet between an enterprise and cloud provider, or even between clouds.

The security process may include segregating your data from other companies’ data, then encrypting it by using an approved method. In addition, you may want to ensure the security of older data that remains with a cloud vendor after you no longer need it.

A virtual private network (VPN) is one way to manage the security of data during its transport in a cloud environment. A VPN carries your traffic over the public network inside an encrypted tunnel, so the public network behaves like your own private network without the need for a dedicated connection. A well-designed VPN needs to incorporate two things:

• A firewall to act as a barrier between the public Internet and any private network

• Encryption to protect your sensitive data from hackers; only the computer you send it to should have the key to decode the data

In addition to transport, in a hybrid world, there will be touchpoints between your data and the cloud. Therefore, it’s important to deal with the storage and retrieval of this data. We talk more about storage in Chapter 20. It’s important to note, however, that a lot of research has been done over the past decade on storage and retrieval of sensitive information. Some of these techniques use some form of encryption to prevent information leakage. Researchers and experts in the field are now working on other techniques to deal with the server performance degradation that encryption causes. They’re addressing issues related to data partitioning between your on-premises data and a service provider. They’re investigating how to deal with distributed query processing over unencrypted and encrypted data.
