The concept of a 'vault' doesn't work in the cloud -- there is no physical box that everything goes in. To complicate matters, stored and archived data can be recalled from the storage device at any time -- even 20+ years from now. Who's to say the data didn't change after it was archived in or retrieved from the 'box'?
Encryption has been an accepted mechanism to protect data from being read while stored on a private network, but has zero benefit in the cloud. First, it provides absolutely no proof that the data hasn't changed (0's and 1's can be changed, even if their context is not understood).
Furthermore, the use of encryption to sign data and applications fails miserably in the cloud as the cloud provider and/or malicious software could gain access to the encryption keys via memory and change the data anyway. Finally, there is always the case where the administrator of the encryption keys uses the keys themselves to change the data.
This article was originally published on 01-31-2011
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...