Having outlined the need to take an information-centric approach to key management in the cloud, today I would like to share the first half of a series of six strategies that could help organisations take this approach.
The first strategy I would like to outline is the Trust Everyone Strategy, where existing applications, keys and management tasks are fork-lifted from the datacentre into the service provider. No special steps are taken to address the control challenges introduced by the Cloud.
However, as we all know, no matter what else you outsource you can’t outsource your responsibility, so this strategy is not really an option. I’m all for SLAs bridging the gap between business desires and technical reality but wholesale handover of sensitive operations is probably a bridge too far.
At the other end of the scale is the Trust No-one Strategy. No important cryptographic infrastructure is moved out to the Cloud. While very safe, and a good first step for hybrid deployment, this approach does not enable the greatest exploitation of all the Cloud has to offer.
For those who want something in between, the Trust Someone Strategy is possible. It is the first step in a genuine risk-based approach to moving keys into the cloud. Given some visibility of the operations of the service provider, you are able to make an informed choice about how much you release to their control, much like traditional outsourcing.
Here you accept that a group of administrators and security personnel can affect your security but, given sight of hiring policies, systems management processes and internal physical security, that may be acceptable.
Be on the lookout though for issues of multi-tenancy, the constancy of personnel management at the provider and the economics of providing strong separation between personnel and management systems. Also be sure you can find proof of whatever you’re relying on. What systems and processes give you independent proof that procedures are being followed and promises kept?