EN, Security Boulevard

Systematically Bring to Light the Keys in Your Clouds

Systematically Bring to Light the Keys in Your Clouds
madhav
Wed, 05/15/2024 – 10:23

The cloud has enabled organizations to create data stores across the globe at breakneck speeds. Organizations can now leverage the cloud to reach a broader user base, accelerate application time to value, and deliver new ways of connecting with employees, customers, and partners. However, with all that the cloud offers, it has ushered in the need for more robust security controls, especially when storing sensitive and critical data. One tried and true way of protecting sensitive and critical data is through encryption. However, as data stores scale, so do the number of cryptographic keys that must be managed. The traditional approach of managing keys in different silos delivers diminishing returns in terms of manhours and policy control for different key types. Centralized key management was introduced to resolve this key management challenge, breaking down the silos and significantly reducing the time needed to manage keys while delivering consistent policies wherever data is kept.

You Cannot Manage What You Cannot Find

One of the major obstacles organizations face when considering a centralized key management approach is taking inventory of their keys and implementing them within the key management solution. To implement a key management solution, you must first understand where your cloud-based keys reside and how many you have. Across large organizations, it is difficult to gain complete visibility into Azure Key Vaults and Google Key Rings created by all departments. Even if you can locate all your keys within your cloud instances, contending with hundreds of projects and thousands of keys makes it unmanageable to manually add all the needed key management services. An effective key management strategy requires a better way to detect the key management service containers, whether they are Azure Key Vaults or Google Key Rings, and incorporate them within your overall key management strategy. This poses a couple of questions:

1. How can you confidently identify all your key management services and their keys within your cloud environment without much human intervention?

2. How can you know when new key management services and their keys are introduced into your environment and add them automatically or after review?

Aut

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Security Boulevard

Read the original article: