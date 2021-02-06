



In a series of three technical articles, Google Cloud recently described how to trust a cloud provider, explaining the concept of customer trust, managing security keys, and scenarios where encryption keys need to be decoupled from the cloud.

The first article tries to define what trust is, its definition is much broader than cybersecurity and greater than security, privacy, and compliance. Starting with the paradox that “more trust in cloud computing requires the ability to lower trust,” said Anton Chuvakin, Head of Solution Strategy at Google Cloud.

To make cloud computing reliable, you need to make it less reliable. paradox? not really! (…) Just knowing that cloud providers are working towards reducing the amount of trust will probably make them more trustworthy.

He also emphasizes the risks of the “security theater” and adds the means and controls that make people feel safe without achieving measurable risk reductions:

This logic also applies when the public cloud environment is significantly more secure than the older on-premises environment, but I feel that on-premises is somehow more secure and therefore more trusted.

In the second article, you’ll find common data security related to encryption, such as data encryption, failed encryption key protection, and keeping the key close to the data to increase the likelihood of data breaches. Focus on mistakes. The author proposes to think first about how to implement a security model, rather than focusing solely on compliance.

Research has shown that encryption is implemented for compliance and that there is no need to explicitly consider the threat model. Key management was considered later and was not considered. You can argue that the key needs to be better protected than the data to be encrypted (or, more generally, the key needs to be more tightly controlled than the data it protects). If the key is stored close to the data, it means that the control that protects the key is not really good.

Among the recommendations, Google Cloud inventory the keys, keep track of how close the keys are to the data, and use managed KMS such as Google Cloud KMS to encrypt software and hardware. We are proposing to process the key.

The third and final article will instead discuss encryption keys outside the cloud. According to Google Cloud Senior Product Managers Anton Chuvakin and Il-Sung Lee, there are three scenarios where you need to keep your keys away from the cloud, or outweigh the benefits of cloud-based key management. Local regulations and concerns, centralized encryption keys. Hybrid deployment and key control used during the migration process when the encryption key is the last data sent to the cloud. As the author warns, requirements are subject to change during ongoing projects.

Regulators in Europe, Japan, India, Brazil, and other countries are considering or strengthening their obligations to keep unencrypted data and encryption keys within boundaries. Examples may include certain industry obligations (such as TISAX in Europe) that represent or imply that the cloud provider will not have access to the data under any circumstances.

If the example in the article focuses on Google Cloud products and the scenario describes Google Cloud foreign key managers and sensitive VMs, the ideas behind the series are vendor independent and can be applied to AWS or Azure. .. Sergio Werner, Head of Cloud Services Center of Excellence at Capgemini, tweeted:

This article presents Google’s answer, but the paradox is well-known and common. All compliance and lock-in questions come down to putting the cursor on trust.

Mark Ryland, AWS CISO Director’s Office, and Quint Van Deman, AWS Global Business Development Manager, recently wrote an article on AWS’s Zero Trust Architecture. Other white papers and reports on cloud trust can be found in the Cloud Security Alliance research material.

