Another good question to ask of a prospective cloud storage provider: what is their use of encryption?
Managing data securely involves many things, but one element that suppliers make quite a song and dance about is the fact that they encrypt your documents/data, making it “100% secure.” But things are not quite that simple, and you need to ask some more probing questions before taking that sort of claim at face value.
For example:
- Are my documents encrypted whilst “at rest” in your system?
- Are my documents encrypted whilst “in transit” to your system?
via File Encryption Compromises in the Cloud < Real Story Group Blog.
Check out the May 2011 draft standards:
Recently, NIST published their Draft Cloud Computing Synopsis and Recommendations (May 12, 2011). It is a must-read for anyone contemplating cloud computing, or as attorney Craig Ball laid it out, contemplating “three on-demand service models delivered via a network.”
via @LegalTechTrek
Also refer to the other cloud posts on our blog:
One thought on “Cloud File Encryption – requirements or compromises”