The Cost of Inadequate Data Encryption

BY:

Mar 9, 2016

The-Cost-of-Inadequate-Data-EncryptionThere’s a 90% chance your cloud-based data is in the clear… and that’s a problem.

IT security company Skyhigh evaluated the encryption efforts of over 12,000 cloud providers. Brace yourself. Just 9.4% of these cloud providers encrypt data once it’s stored at rest in the cloud. You don’t even need a calculator for that. It means over 90% of your data at rest on the cloud is prey to unauthorized access.

This is alarming news. But before you take to Twitter or Facebook to share and repost, here’s another Skyhigh statistic. 81.8% of those cloud service providers encrypt data in transit, using SSL or TLS. Whew, it’s reassuring, but that’s not enough. Inadequate data encryption is a costly mistake.
Doing the math

18.2% of the cloud providers leave your data in the clear as it zooms around the Internet. This makes it a 1 in 5 chance that your data could be at the mercy of a man-in-the-middle attack along the way.

On the other hand, 90.6% of those providers leave your data in the clear as it sits on their storage servers. Who’s your cloud service provider? Are they one of the 10,000 or more that don’t encrypt your data at rest on their servers?

And lest you think all the big players out there are on the good side of those statistics, here are two recognizable names.

Gmail

PayPal

What about your mobile devices? Time for a few more names you know. These popular apps are among those that don’t store your data in an encrypted state.

Facebook

Twitter

YouTube

Linkedin

eBay

Data at rest = data at risk

Our focus tends to be on data in state where it’s most vulnerable. Data in motion can be captured. We encrypt it. Almost 82% of cloud service providers have our backs on that.

Unencrypted data at rest is a huge security risk. It’s estimated that the average American company uploads nearly 14 terabytes of data to the cloud each month. It’s pretty safe getting to the cloud and back. But it’s hardly safe if it’s stored on the cloud. What’s in the 167 terabytes you and your company will store on the cloud over the next year?

The cloud is a repository of sensitive data. 34% of us have uploaded sensitive data to a file-sharing service. 21% of all information uploaded contains sensitive data.
What’s at stake?

This unencrypted data at rest can be stolen, and that would be unfortunate enough. But hackers aren’t the only ones who are thrilled that your data is in the clear as it sits on the cloud. Under the USA PATRIOT Act, the U.S. Federal government can legally subpoena your data. Your cloud provider is required by law to provide it. They don’t have to tell you they’ve given your data to the government.
Not just super-sensitive stuff

If it’s health related or financial data, there are federal compliance laws that mandate encryption for sensitive personal data in any state. It’s encrypted in motion, and at rest – even when it’s in the cloud. If these laws do not regulate it, your data doesn’t have to be encrypted.

Do not store your data in the clear. The risk is too high. And if it’s stored on the cloud, it’s likely in the clear.
Time to take control

If your cloud provider doesn’t encrypt data at rest, you can do it yourself. Manage it with encryption keys you own, rather than those your cloud provider manages. It’s a slim chance. Only about 1% of the cloud providers support customer managed encryption keys.

There are 2 more strong options.

Tokenization

Encryption as a service (EaaS)

Pick one. Encrypt your data at rest in the cloud. You’re flirting with disaster without this added protection.

Related Blogs

  • How to Use Amazon WAM to Centralize App Control" alt="">
    Use Amazon WorkSpaces Application Manager to Centralize App Control

    Amazon WorkSpaces Application Manager (WAM) makes it easier to deploy and manage Windows desktop apps by providing users with virtualized instances that run right inside Amazon WorkSpaces. Key...

    Learn More
  • " alt="">
    How Contact Centers Can Verify a Caller’s Identity With Machine Learning and Amazon Connect Voice ID

    Provide a seamless customer service experience, gain efficiency, and reduce losses from fraud with Amazon Connect Voice ID Key Takeaways: Call centers are the latest targets for fraud, increasing...

    Learn More
  • The Cloud Gets Faster: New AWS Instances Redefine Cloud Performance on cloudhesive.com" alt="">
    Building a Better Learner (You!)

    When it comes to completing difficult exams such as AWS Professional and Specialty certifications, it’s important to master two components: The necessary technical skills being tested The...

    Learn More