How to Make the Public Cloud Feel Private – Zero Knowledge Cloud Storage
There has been a lot of discussion so far about the public cloud and the possible dangers of entrusting enterprise data to it. In a previous blog post, we also discussed a few ways of mitigating these risks.
One simple way is to keep all enterprise storage inside the network: basically, an on-premises approach. But that means the enterprise gives up the well-known benefits of public cloud storage, such as OpEx instead of CapEx, pay-only-for-what-you-use pricing, elasticity, and savings on power, cooling, network infrastructure and IT staff. So, short of shunning the public cloud entirely, what can an administrator do? Is there a way to get the benefits of a public cloud with the confidence you have storing data inside your own data center or a private cloud?
The Key Lies in the ‘KEY’
There is indeed, and you can achieve it with systems that give you zero-knowledge privacy. A great example that people can relate to is a bank safe deposit box. An individual may rent a safe deposit box to store confidential documents, but will rarely, if ever, trust the bank so much as to let it have access to those documents. Individuals always keep a key to their safe deposit box, without which the box cannot be opened.
It is ironic that many businesses, or their employees, who store data using public cloud storage services don’t take this simple precaution. Software solutions built on zero-knowledge privacy make sure the keys stay with those who own the data, not with the cloud storage provider.
In spite of its obvious importance, privacy tends to be largely unregulated in most countries. Most privacy policies published by cloud storage vendors don’t guarantee privacy so much as inform customers how the vendor intends to use the data placed on its storage systems. Many of them allow themselves to use your information for secondary purposes such as marketing and advertising.
More importantly, though, a number of cloud storage vendors publish semi-annual transparency reports showing how many times governments have asked them for information about users and their data. Laws in many countries require online services and cloud storage providers to turn over this information, often without the knowledge of the customer who owns the data. Trusting cloud storage vendors with your data completely could also mean that employees of the vendor have access to the information business customers store on their systems.
Zero Knowledge Cloud Storage
A way to achieve zero-knowledge privacy on the web is to use a Privacy Gateway. By encrypting the data that your enterprise sends to cloud storage destinations before it leaves the enterprise network, with keys known only to the enterprise, a Privacy Gateway can ensure a level of security that isn’t otherwise possible when using cloud storage.
Many cloud storage vendors will insist they’re securing your data via encryption, and they are, but with their keys. Going back to our safe deposit box analogy, this is like the bank assuring you that your confidential documents are safe in its custody while it holds a key alongside you. Even the more recent announcements cloud storage and services vendors have made around customer key management are merely bolt-ons to their original design: the vendor still performs the primary encryption with a key known to it, then encrypts that key with a customer key stored in a neutral location such as a cloud HSM. The customer can take some comfort that the customer key is involved in encryption, but it is merely the outermost layer; the primary encryption key is still known to the cloud vendor.
With a true zero knowledge cloud storage implementation, a Privacy Gateway can give you the following:
- Data access only to you – with keys known only to you.
- If the cloud provider is compromised, or the disks holding your data are stolen, your data will be undecipherable.
- If the cloud provider is compelled by a government to turn over your data, the government will still have to approach you to gain access to it.
Can I Host My Privacy Gateway in a VM Online?
This is a logical question and one that we sometimes encounter. The answer really depends on the enterprise and its security posture.
Strictly speaking, the encryption keys an enterprise’s Privacy Gateway uses should never leave its network premises. But in many cases, such as remote offices where hosting a machine (or VM) running the Privacy Gateway software is impractical, enterprises may choose to host their Privacy Gateway in a trusted VM. While this technically means their keys are in the “cloud”, it is vastly more secure than trusting your keys to a cloud provider, because the enterprise typically has full control over the VM: it can shut it down, take it offline or destroy it if it chooses to.
Bottom line: if your enterprise is a serious consumer of cloud storage services, or if you’re considering becoming one, you’ll certainly do well to consider a Privacy Gateway solution and take back control over your data!