StorageShort: Will Enterprise File Sync and Share Encryption Really Protect You?

Ask any Enterprise File Sync and Share (EFSS) vendor if they provide encryption and you are going to get a emphatic, “Yes!” They will claim end-to-end encryption and let you assume that you are covered. But are you really? Certainly end-to-end encryption is important and offers a base level of security but if the EFSS vendor owns your keys then you may not have the protection you might think. In this StorageShort, Storage Switzerland and Ctera discuss the importance of key ownership as part of the encryption process.

Key Ownership is Key

After ticking the end-to-end encryption checkbox, IT professionals need to dig deeper and understand key ownership. In most cases they are going to want the organization to own the encryption keys, not the provider. There are two main reasons why. First, if a judge orders the provider to turn over your organization’s data, the provider will. In some cases providers are under no obligation to tell you they have done that, and in others they may be explicitly ordered by a court not to tell you the request has been made.

If you own the keys, you still may decide to follow the court order to turn over data, but the decision to turn that data over should be the decision of the organization and no one else. Even if the organization does comply with an order to release data, at least it knows it is happening and can begin to prepare for any backlash.

The second reason for an organization to control its own keys is what if the EFSS provider gets hacked, exposing all of the keys it controls? The hacker now has access to all of your stored data. In many cases the EFSS vendor may not alert its customers for fear of public backlash. In other words, data may be exposed without the organization knowing it. Obviously, every organization is susceptible to a cyber threat. But again, the chances of knowing a hack occurred goes up substantially if the organization owns the key.

Encryption is just one key element of a EFSS strategy. To learn about the other elements, data residency, advanced authentication, secure access and user acceptance, watch our on-demand webinar, “5 Must-Haves to Achieve Total File Security in the Cloud“.

Twelve years ago George Crump founded Storage Switzerland with one simple goal; to educate IT professionals about all aspects of data center storage. He is the primary contributor to Storage Switzerland and is a heavily sought after public speaker. With over 25 years of experience designing storage solutions for data centers across the US, he has seen the birth of such technologies as RAID, NAS and SAN, Virtualization, Cloud and Enterprise Flash. Prior to founding Storage Switzerland he was CTO at one of the nation's largest storage integrators where he was in charge of technology testing, integration and product selection.

Tagged with: , , , , , ,
Posted in StorageShort

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 22,232 other followers

Blog Stats
%d bloggers like this: