There are myriad factors influencing encryption considerations and associated implementations in the enterprise. The usage of encryption should always be directly related to business considerations, regulatory requirements, and any additional constraints that the organization may have to address. Different techniques will be used based on the location of data, whether at rest, in transit, or in use while in the cloud.
Different encryption options might apply when dealing with specific threats, such as protecting personally identifiable information (PII) or legally regulated information, or when defending against unauthorized access and viewing from systems and platform administrators. Challenges include:
- The integrity of encryption is heavily dependent on control and management of the relevant encryption keys, including how they are secured. If the cloud service provider holds the keys, not all data threats are mitigated, as unauthorized actors may gain access to the data by acquiring the keys through a search warrant, legal ruling, or theft and misappropriation. Equally, if the customer holds the encryption keys, the customer faces a different challenge: protecting them from unauthorized usage as well as compromise.
- Encryption can be challenging to implement effectively when a cloud service provider is required to process the encrypted data. This is true even for simple tasks such as indexing and the gathering of metadata.
- Data in the cloud is highly portable. It replicates, is copied, and is backed up extensively, making encryption and key management challenging.
- Multitenant cloud environments and the shared use of physical hardware present challenges for the safeguarding of keys in volatile memory such as RAM caches.
- Secure hardware for encrypting keys may not exist in cloud environments, with software-based key storage often being more vulnerable.
- Storage-level encryption is typically less complex but can be most easily exploited or compromised (given sufficient time and resources). The higher you go up toward the application level, the more complex deploying and implementing encryption becomes. However, encryption implemented at the application level will typically be more effective in protecting the confidentiality of the relevant assets or resources.
- Encryption can negatively impact performance, especially for high-performance data processing mechanisms such as data warehouses and data cubes.
- The nature of cloud environments typically requires us to manage more keys than traditional environments (access keys, API keys, encryption keys, and shared keys, among others).
- Some cloud encryption implementations require all users and service traffic to go through an encryption engine. This can result in availability and performance issues for both end users and providers.
- Throughout the data lifecycle, data can change locations, format, encryption, and encryption keys. Using the data security lifecycle can help to document and map all those different aspects.
- Encryption affects data availability. Encryption complicates data availability controls such as backups, DR planning, and colocations because expanding encryption into these areas increases the likelihood that keys may become compromised. In addition, if encryption is applied incorrectly within any of these areas, the data may become inaccessible when needed.
- Encryption does not solve data integrity threats. Data can be encrypted and yet be subject to tampering or file replacement attacks. In this case, supplementary cryptographic controls such as digital signatures need to be applied along with nonrepudiation for transaction-based activities.
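
The last point can be shown concretely. The following is an added example, not taken from the original text: a record encrypted with a stream-style cipher is changed in storage without any key and still decrypts cleanly, while a keyed integrity tag over the ciphertext catches the change. It assumes a constructed SHA-256 counter keystream as a stand-in for a real cipher and uses HMAC rather than a digital signature, so it shows integrity only; nonrepudiation requires an asymmetric signature. All function names and the sample record are hypothetical.

```python
import hashlib
import hmac
import os

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # SHA-256 in counter mode: a constructed stand-in for a real stream
    # cipher or CTR-mode block cipher (assumption; not for production use).
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Encryption and decryption are the same XOR operation.
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes):
    # Encrypt-then-MAC: the tag covers both the nonce and the ciphertext.
    nonce = os.urandom(16)
    ciphertext = xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce, ciphertext, tag

def open_sealed(enc_key, mac_key, nonce, ciphertext, tag) -> bytes:
    # Verify before decrypting; reject anything modified at rest or in transit.
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed")
    return xor_stream(enc_key, nonce, ciphertext)

def flip_bits(ciphertext: bytes, index: int, mask: int) -> bytes:
    # Models a change made to the stored object by someone holding no key.
    changed = bytearray(ciphertext)
    changed[index] ^= mask
    return bytes(changed)

def demo():
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    record = b"amount=100;to=acct-A"  # constructed sample record
    nonce, ct, tag = seal(enc_key, mac_key, record)
    altered = flip_bits(ct, 7, 0x08)
    # Encryption alone: the altered object decrypts without any error.
    unauthenticated = xor_stream(enc_key, nonce, altered)
    try:
        open_sealed(enc_key, mac_key, nonce, altered, tag)
        detected = False
    except ValueError:
        detected = True
    return unauthenticated, detected
```

Calling `demo()` returns the silently altered plaintext from the encryption-only path alongside a flag showing that the tagged path rejected the same object.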