In the old traditional banking environments, a safe required two people with keys to open it; this led to a reduced number of thefts, crimes, and bank robberies. Encryption, as with bank processes, should never be handled or addressed by a single person.
Encryption and segregation of duties should always go hand in hand. Key management should be separated from the cloud service provider, and the data owners should be positioned to make decisions (these may be in line with organizational policies), but ultimately data owners should be able to apply encryption, control key management processes, select the storage location for the encryption keys (on premises in an isolated location is typically the best security option), and retain ownership and responsibilities for key management.
Key management is one of the most challenging components of any encryption implementation. Control over the issuance, revocation, recovery, distribution, and history of cryptographic keys is of utmost importance to any organization relying on cryptography for secure communications and data protection. Kirchhoff’s law states, “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.”
The key, therefore, is the true strength of the cryptosystem. The size of the key and the secrecy of the key are perhaps the two most important elements in a crypto implementation. Even though new standards such as Key Management Interoperability Protocol (KMIP) are emerging, safeguarding and appropriately managing keys is still one of the most complicated tasks you will need to engage in when planning cloud data security.
Common challenges with key management are:
- Access to the keys: Leading practices coupled with regulatory requirements may set specific criteria for key access, along with restricting or not permitting access to keys by cloud service provider employees or personnel.
- Key storage: Secure storage for the keys is essential to safeguarding the data. In traditional in-house environments, keys can be stored in secure, dedicated hardware. This may not always be possible in cloud environments.
- Backup and replication: The nature of the cloud results in data backups and replication across several different formats. This can impact the ability for long- and short-term key management to be maintained and managed effectively.
Key management is important from a security perspective because the enterprise removes the dependency or assumption that the cloud provider is handling the encryption processes and controls correctly. It is also not restricted by shared keys/data spillage within the cloud environments, as there exists a unique and separate encryption mechanism.
Related article – Key Management Options