By Matthew Brady, Daymark Consultant
Ensuring data confidentiality means that only authorized users have access to the data. Simply put, eyes that should not be viewing the data can’t see it.
On physical media, this can mean several things: ensuring no physical access to the media, password authentication for disk drives, or encrypting media. However, cloud backup introduces a major paradigm shift. There are no doors to lock. Do passwords mean anything when your data is being transmitted over the Internet?
Secure cloud backup puts these concerns to rest. In fact, secure cloud backup can provide a stronger level of confidentiality and data privacy than traditional backups.
So how does it do it? How does secure cloud backup ensure confidentiality?
The following components should be present in secure cloud backup to address confidentiality concerns:
- Multi-mode authentication
- Role-based access
The linchpin of confidentiality in secure cloud backup is the encryption used by the cloud backup software. Before data ever leaves your network, the data must be encrypted. Think of it as putting the data in a safe to which only you hold the key. You can take that safe anywhere – put it on an airplane or train. You can safely move it anywhere you like, and as long as you hold the key, prying eyes will never know the contents of the safe. That is what the encryption of cloud backup must do for your data.
The nature of cloud backup dictates that data is transmitted somewhere and then stored somewhere out in the cloud. To ensure confidentiality of your data, that encryption must be present at every stage of the backup process. As the data is “in flight” on the Internet, the data should be encrypted. As the data is “at rest” with the service provider, the data should remain encrypted. Furthermore, the service provider should not have the ability to decrypt, and thus view, the data. This means the key used to encrypt the data should rest only with you, the customer, and no one else.
Initially, a service provider may use a seeding device to capture the first full backup. Similarly, it is common for a service provider to be able to export a customer’s data for restore. The security of secure cloud backup must extend to these devices. Any data written to a physical device for transport should possess the same high level of encryption as data put on the wire.
Encryption in and of itself involves complex algorithms, iterations, and keys. To be a smart consumer of cloud backup does not mean you have to understand encryption at a detailed level. You just have to ask the right questions.
What level of encryption is used?
The answer should include strong encryption algorithms such as AES or 3DES. Additionally, it should use a high bit level, that is, a long key. AES-256 is considered to be a strong encryption method. DES (or “Single DES”) has known weaknesses and can be cracked.
Is the encryption certified?
Not all encryption is created equal. The National Institute of Standards and Technology (NIST) recognizes this and has created a certification for the encryption modules inside software: Federal Information Processing Standard (FIPS) Publication 140-2. It outlines the requirements an encryption module must meet for the US government to use it to collect, store, and transfer sensitive data. This certification is available for all encryption modules and should be the basis for evaluating the encryption of a cloud backup service.
Cloud backup relies on a client or agent deployed at the customer location that must connect to the cloud storage platform. If this connection can be spoofed, the transmission of the data is susceptible to man-in-the-middle attacks. This means those without authorized access could intercept the data. The connection must rely not only on account information and credentials for authentication, but also on hardware-based authentication that relies on the uniqueness of the machine where the backup software is installed. This ensures that the data cannot be intercepted while it is in transit to the cloud for storage. Remember, IP addresses and MAC addresses can all be spoofed very easily. You need something to depend on that cannot be compromised - like a multi-faceted hardware profile.
Role-Based Access to the Backup Software
If an employee has access to the backed-up data, they have access to the data itself. It is just one restore away from being viewed. Secure cloud backup means maintaining the same level of authentication to access backups as you have in place for accessing the data itself. The backup software, and specifically the user interface, should allow you to define individuals and groups that can access the backed-up data. To take this a step further, you should be able to identify what jobs or tasks a user can perform inside of the user interface. This level of security protects you from the liabilities that come from unauthorized employees viewing sensitive data.
Conclusion – Ask the Right Questions
Keeping your data confidential should be a key capability of any cloud backup service provider. Be a smart consumer. Ask the right questions about your data and access.
- Is it encrypted?
- When is it encrypted?
- How is it encrypted?
- Is it ever decrypted? Why?
- How do I authenticate to my account?
- Can my authentication be spoofed?
- Can I limit which employees have access to the backed-up data?
Secure cloud backup has been specifically designed to address confidentiality. While it is not uncommon for backups to traditional media to be unencrypted, secure cloud backup must be encrypted, and with the right features, your sensitive data will be more secure than with previous methods. Add to that the fact that secure cloud backup provides the additional protection of an offsite copy, and one can see why cloud backup adoption rates are starting to rise dramatically.
Remember that secure cloud backup can and should meet confidentiality, integrity, and availability requirements.
Next blog: What features are needed to meet integrity requirements?