Why You Should Use Vormetric Cloud on Amazon Web Services



Understand the importance of proper encryption policies when moving to the cloud.

In today’s technologically-driven marketplace, it seems as if every organization is using or planning to use some type of cloud solution to manage and store critical data. And while this offers a host of advantages, it also presents challenges, chief among them being security. In working with my clients, I always try to convey the importance of safeguarding their information when moving large amounts of critical data online.

We always ensure that company administrators understand the benefits of proper key management to ensure that moving to a cloud provider like Amazon Web Services doesn’t increase exposure to data breaches, or give up control of sensitive information.

To address these concerns, it’s crucial to implement a data-focused security solution within each AWS migration. This solution must place the necessary security protections and controls around the sensitive data that would-be attackers are interested in getting their hands on. In addition, data needs to be safeguarded wherever it resides, which could include snapshots, disaster recovery locations, and backup repositories.

When choosing a security solution, it’s important to find a provider that offers the following encryption tools in their suite of services:

Policies that ensure privileged user access controls to all encrypted data

When used in tandem with Amazon’s Elastic Block Storage (EBS) and Elastic Compute Cloud (EC2), Amazon’s Identity and Access Management (IAM) service focuses on controlling network access to individual instances, but it does not offer access controls for any data that resides within the AWS itself. To prevent unauthorized access to critical data, there should be strong, centrally-managed access policies in place at the file system level that enforce when any data can be decrypted.

By implementing access controls with strong encryption capabilities, companies can create robust user access that enables privileged users to perform updates, system management, and other administrative functions, without giving them direct access to protected database tables or other encrypted files.

Integrated encryption and key management

Using robust, industry-standard algorithms for data encryption is one of the most critical steps in protecting sensitive data. Centralized key management should be simple and seamless, offering deployment options that match an organization’s unique needs. Any solution that is implemented should support the storage of keys within the AWS cloud, or within hybrid cloud offerings like AWS Virtual Private Cloud, where data can reside both in the cloud and locally. Finally, to ensure maximum security, keys must always be stored separately from an organization’s critical data, and never be revealed, even to storage administrators.

The above guidelines represent the absolute baseline for meeting compliance requirements and should be viewed as best practices for protecting critical company data.

Vormetric Encryption solutions on AWS

I often recommend Vormetric’s encryption solution for clients who are migrating critical data to Amazon’s cloud servers. Vormetric Transparent Encryption for AWS delivers all of the features necessary to create strong data protection within the cloud, including:

  • Integrated key management and encryption that protects organizational data at the system level within EBS and EC2 instances.
  • Strict separation of roles for systems and security management.
  • Robust APIs and command line tools that integrate well with other third-party infrastructure solutions.
  • A highly scalable structure.
  • Security intelligence reporting that enables integration with SIEM tools that support compliance reporting and event analysis.
  • Access policies offering privileged user controls that ensure data is decrypted only for authorized processes and users, while still allowing cloud and system admins to perform their duties without having access to sensitive data.

If your organization is moving to the cloud to improve performance and scalability, it’s critically important that you do so methodically and with a laser focus on security. Proper planning will avoid the nightmare scenario that can threaten the existence of entire companies: a monumental data breach that causes your customers to lose faith in you.

Related Blogs

  • A call center agent on the phone is in the middle of this illustration." alt="">
    Integrate ConnectPath CX with CRM to Enhance Customer Experience and Call Center Performance

    Enable both customers and agents to do more Key Takeaways: ConnectPath CX, powered by CloudHesive, offers a way to modernize your contact center with nothing to install and configure, ready in 45...

    Learn More
  • Illustration of skill training concept, man climb up ladder to fix and lubricate gear cogs on his brain head." alt="">
    Enhance Your Customer Service Skills with Amazon Connect Training

    Amazon Connect and ConnectPath CX resources help elevate productivity, efficiency, and more  Understanding the ins and outs of a complex customer service management system helps build employee...

    Learn More
  • Against a turquoise background, workers sit around a table on their computers. In the center, a cloud has arrows that show data moving both ways, with information accessible by everyone present." alt="">
    Boost Your Business Efficiency – How to Integrate Amazon Web Services with Other Tools

    Improve collaboration, communication, and get ready to grow   The speed of business today requires a cloud partner that’s reliable, easy to use, flexible, cost-effective, scalable, fast, and...

    Learn More