Developing a Data Protection Architecture in Cloud
Read time: 3 minutes 42 seconds
Gartner has predicted that spending on public cloud services will grow by 23.1% in 2021 to a total of $332.3 billion. The COVID-19 pandemic and shift to remote working has forced companies to move their workloads from on-premises to the cloud. Apart from this, many emerging technologies such as containerization, edge computing, and analytics are driving the additional growth of cloud computing.
Cloud computing provides multiple advantages, but there are still many security issues that are of great concern to organizations. Organizations are saving their critical applications and customer’s personal data in the cloud, and securing those applications and data is critical for their business. There have been multiple security incidents in the past few years where companies failed to secure customer’s sensitive data in the cloud. In January 2020, over 250 million Microsoft customer records were exposed online without proper protections. In 2021, a massive data leak exposed LinkedIn profiles of 700 million users. The personal data of the affected users was put up for sale on a dark web forum. The exposed data included Personally Identifiable Information (PII) of users such as Full Names, email addresses, home addresses, phone numbers etc.
Along with the organizations, the focus of hackers has also shifted from on-premises data to cloud data. According to a survey, almost every organization has experienced a cloud data breach in the past 18 months. Gartner has stated in its cloud security assessment report that by 2025 99% of the cloud security failures will be due to the security issues on the customer’s side rather than the cloud provider side.
Organizations’ Concerns for cloud data security
Developing Architecture for Data Protection
- Sensitive data is protected at rest, in transit and in use.
- Sensitive data should always be encrypted at the organization side before it is transmitted to the cloud for storage.
- The encryption keys should be controlled by the organization and not the cloud provider.