A trustworthy cloud guarantees data privacy and chain of custody
- 26 September, 2013 16:10
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
Employees are increasingly turning to consumer-grade file sharing services such as Dropbox for business activities. Even when that use is sanctioned by IT, custody is a challenge: the enterprise still owns the data, but custody moves to the cloud provider, and it is difficult, if not impossible, to maintain visibility and control over data in the cloud and to prove chain of custody. Complicating the situation, data can be compromised without IT's knowledge, since IT may not even be aware that documents are being stored and shared in the cloud.
What's needed is a trustworthy cloud. Trust in the physical world is achieved through relationships and contracts, and enforced using oversight and punitive action in response to a breach of trust. Building on the concept of trust, trustworthiness is a model that uses carefully designed and implemented technology, policies and reputation networks to achieve data security. Applied to the cloud, it means that even though organizations no longer have physical custody of their files, by embedding security into the document itself they have the means to secure sensitive documents so that they can be shared and still remain private.
Trustworthiness relies on cryptographic mechanisms to enforce policies, revoke access rights and monitor access activity. Policy is defined and controlled exclusively by the data owner, without any intervention from the cloud service provider. In a trustworthy cloud scenario, authorized users have visibility into groups and documents, limited by their role, but in a manner that doesn't weaken the cryptography or open the system to additional attacks. This approach prevents the misuse of cloud data from going undetected by creating a comprehensive audit trail of who is accessing which files.
When content is stored in a trustworthy cloud, policies set up by the data owner are enforced by a solution provider without the solution provider or the cloud provider ever having access to the data itself. This is called zero knowledge (in the sense that neither provider holds key material that could decrypt the content, not in the sense of a cryptographic zero-knowledge proof) and relies on federated key management technology.
Zero knowledge-based document sharing enables collaboration across organizational boundaries using any cloud storage provider, since federated cryptography is attached to the content rather than depending on the cloud container. For IT, it provides the ability to accommodate the growing popularity of BYOC (bring your own cloud) for business document sharing, while maintaining the visibility and control required for Governance, Risk Management, and Compliance. As an added benefit, the Trustworthy Cloud does not force users to adopt new tools or impose changes to an organization's existing security and audit infrastructures.
Implementing a Trustworthy Cloud
A trustworthy cloud establishes a provable separation of authority between the custodian of the information (the service provider) and the content owner and others who may have varying degrees of authorization to view or modify this information. The aggregate cryptographic algorithms and protocols provide strong guarantees of data privacy and chain of custody.
In this context, privacy is the ability of participants to control disclosure of sensitive business data. Confidentiality, meanwhile, refers to the commitment by the service provider to refrain from accessing or disclosing the data. A trustworthy cloud solution replaces the conventional need to rely on confidentiality on the part of a cloud service provider with the ability to rely on technological controls to enforce data privacy. This is made possible by implementing an emerging approach that places security on the content instead of on the container itself.
A trustworthy cloud has the all-inclusive ability to establish an electronic chain of custody record. This indelible record captures where the data originated, who may have accessed or modified it during its lifetime, and where and when there was a transfer of possession, no matter where it resides. In addition, content owners or the parties with fiduciary responsibilities for its lifecycle management can specify, monitor, and enforce fine-grain retention, disposition, and hold policies on data that is not in their possession. In practice, these records and policies can be carried as metadata that is based on the content but may be stored and encrypted separately from it.
A trustworthy cloud also provides scalable security federation to enable the secure sharing of documents across organizational trust boundaries (e.g. outside their firewall) in a manner that is as simple for employees as using consumer solutions such as Dropbox. This capability is especially important for companies in regulated industries such as Healthcare, Accounting, Pharmaceutical and Finance where data privacy and provenance control are mandated.
For example, a trustworthy cloud would enable a publicly traded company to comply with SOX 404 even when a third party cloud provider possesses the data. In HIPAA- or FDA-regulated environments, a trustworthy cloud would allow an organization that uses public cloud services to meet the requirements of HIPAA/HITECH or Business Associate Agreement (BAA) contracts.
With the rapid growth of both authorized and unauthorized use of public cloud sharing by employees, organizations can no longer afford to ignore the data privacy issues these services raise. A trustworthy cloud approach that enforces security on the content itself removes the cloud container as a point of compromise for the content: a breach of the container exposes only encrypted data. This enables organizations to implement and enforce "zero knowledge" encryption that is transparent to employees and prevents both the cloud service provider and the security vendor from accessing business information.
AlephCloud is a provider of cloud content privacy solutions.