Cloud encryption protects corporate data in the cloud from security breaches, third-party disclosures, and compliance violations
Sensitive data is moving to the cloud at an unprecedented rate and organizations are looking for ways to extend encryption policy controls to new cloud-based systems of record and systems of engagement. Across industries, the average organization uploads 13.9 TB of data to the cloud each month. While an impressive 81.8% of cloud providers encrypt data in transit via SSL or TLS, far fewer (just 9.4%) store data encrypted. According to the Ponemon Institute, the average cost of a data breach is now $3.8 million. Encrypting data at rest is an essential element in a robust cloud data security program to limit the damage of data breaches.
Aside from bolstering the security of SaaS applications, storing data encrypted has another positive side benefit. Numerous regional and industry-specific laws including HIPAA-HITECH require organizations to notify customers whose data has been compromised in a breach. However, if that data has been made indecipherable with encryption, organizations are exempt from these breach notification requirements. Since mandatory breach notifications are often followed by a wave of customer lawsuits, nullifying these requirements with encryption can significantly reduce the cost of a data breach for regulated organizations.
Encryption makes data indecipherable to anyone without access to the encryption keys, but when a cloud provider encrypts your data, administrators at the provider can view your data. The cloud provider may also be compelled by law to provide copies of your data to various governments around the world without notifying you. And in the event of a breach, a cyber criminal who has compromised the encryption keys of a cloud provider can decrypt the stolen data. Encrypting data using your own encryption keys can prevent these scenarios, but just 1.1% of cloud providers support tenant-managed encryption keys. Skyhigh’s cloud encryption gateway can help you protect data with encryption you control.
Applies standards-based AES or function-preserving encryption to structured and unstructured data using enterprise-owned encryption keys.
Delivers function preserving encryption schemes that are academia and peer-reviewed, preserving end-user functions such as search, sort, and format.
Substitutes sensitive data with randomly generated tokens to keep data on premises, satisfying data residency requirements.
Provides flexible cloud or on-premise deployment options and integrates with leading key management servers supporting the KMIP protocol.