SafeNet unveils top six ways to encrypt sensitive data on AWS

Identifies best practices for protecting sensitive data in the cloud with strong encryption and authentication.


SafeNet, Inc. has revealed its top six ways for protecting sensitive data stored on Amazon Web Services (AWS). Businesses are increasingly turning to elastic, pay-as-you-go cloud services such as AWS to run business-critical applications and store company data, but concerns about compliance and sensitive data are impeding progress. In an e-book titled 6 Ways to Enhance Security in AWS, SafeNet outlines how companies can demonstrate compliance and illustrate control of sensitive data.


SafeNet, an AWS Advanced Technology Partner, recommends six solutions to enhance security, including:
· Roots of Trust – Roots of Trust are components inherently trusted to perform one or more security-critical functions; protecting cryptographic keys, performing device authentication, and verifying software are three examples. They are available in both virtual security appliances and tamper-proof hardware appliances. Roots of Trust should meet several government security standards and integrate with a large number of cryptographic protocols, allowing organisations to demonstrate compliance with strict information regulations.


· Centralised Encryption Key Management – By using a virtual key management solution that runs in the AWS cloud, organisations can quickly deploy centralised key management in high-availability, clustered configurations. Centralised key management securely stores and manages encryption keys and policies for AWS EC2 workloads, while also ensuring that organisations maintain ownership of their encryption keys at all times.


· Encryption and Pre-Boot Authentication for EC2 and EBS – Encryption and pre-boot authentication for AWS Marketplace can encrypt entire virtual machine instances and attached storage volumes while ensuring complete isolation of data and separation of duties. Such solutions unify encryption and control across virtualised and cloud environments, and increase security and compliance for sensitive data residing in AWS EC2 instances. Encryption and pre-boot authentication also ensure that no virtual machine instance can launch without proper pre-boot authentication.


· Client-Side Object Encryption for Amazon S3 – Client-side object encryption for storage in Amazon’s Simple Storage Service (S3) can provide keys as input to applications in order to encrypt an object before loading it to storage. This gives customers control of their data by encrypting it within the application before it is uploaded to S3. It also makes data unreadable by unauthorised users and makes sure the cloud provider never has access to unencrypted application data.


· Storage Encryption for the AWS Storage Gateway – By utilising a network encryption appliance that offers optimal protection of data at rest in physical, virtual, and cloud-based storage environments, organisations can encrypt sensitive assets before they are saved to Amazon S3 environments. Businesses can also retain strict controls over data access by connecting an on-premises software appliance with AWS S3, establishing a seamless and secure integration between their on-premises storage environment and AWS.


· File Encryption for EC2 Instances and S3 – Automated file encryption for unstructured data contained in network drives and file servers can encrypt flat files that contain sensitive data, including text documents, spreadsheets, bitmap images, and vector drawings. This provides encryption and access control policies to protect designated folders and files via data-centric encryption. As opposed to systems that secure a perimeter or device, such methods secure the data itself, ensuring that files are protected regardless of where files reside or where they are sent.


“Organisations now recognise that encryption, authentication and strong key management are essential to illustrating control and compliance for high value information in the cloud. The problem, however, is that when it comes to protecting sensitive data in the cloud, many don’t know how to get started,” said Jason Hart, VP Cloud Solutions at SafeNet. “For this reason, SafeNet our six top tips, alongside our strong data protection solutions, ensure that businesses are able to meet their needs for rigorous security, regardless of their environment.”
 
