PrintPrint CiteCite
Style: MLAAPAChicago Close


Encryption, Not Restriction, Is the Key to Safe Cloud Computing

Authors: Richard A. Falkenrath, Shelby Cullom and Kathryn W. Davis Adjunct Senior Fellow for Counterterrorism and Homeland Security, and Paul Rosenzweig, Red Branch Consulting, PLLC; Senior Advisor, The Chertoff Group
October 5, 2012


It's 11 p.m. Do you know where your data is? If your enterprise has transitioned to the cloud for data storage the answer almost certainly is "no." Portions of it might be in Malaysia; other bits in Antigua.

Today, governments across the globe are deeply uncomfortable with that answer -- but they don't need to be. Just a small application of technological magic through encryption at rest can dispel concerns about data's location.

The underlying problem is familiar to most cloud-sophisticates. Cloud architecture is a distributed network. Optimizing efficiency means locating server farms wherever energy and labor costs are cheapest. And, given the speed with which information transits the network, there is no need to build data centers close to where the data users reside -- data can be almost anywhere in the world in milliseconds.

But the widely-distributed nature of cloud storage systems poses a problem for government users. There is something fundamentally problematic for them with the notion that Federal government data -- IRS records, for example -- might be stored on servers in, say, India. The specter of non-U.S. citizens having physical control over and access to U.S. data understandably gives the government pause. The same is true of almost every other country in the world.

As a result, many federal, state and local governments and agencies are starting to require that their data remain within geographic control.

View full text of article.

More on This Topic