Many organizations are undergoing a digital cloud transformation in which they’re moving their computing resources from on-premises data centers to the cloud. This migration takes various forms for organizations. Some are transitioning to the private cloud like Dell or VMware, while others are going with public providers such as Azure or Google. Most have a blend in what’s known as a hybrid environment. Embracing such a model allows organizations to keep hard-to-move core applications in the data center. It also allows them to benefit from the compliance, scalability and flexibility advantages afforded by the cloud.
Despite its strong points, a hybrid cloud environment does present certain challenges to organizations. One of the most significant is the issue of data protection. With their data now growing across both physical and virtual infrastructure, organizations need to figure out where their sensitive information is being produced and stored. They then need to find out how it’s being shared and whether it’s being distributed to locations outside of their control. At that point, organizations can create a data protection strategy that reflects their business needs.
Most commonly, this strategy involves some form of data encryption. Whether they choose to encrypt everything or implement more targeted encryption is up to them. But in every case, organizations must ultimately decide how to manage their keys.
This is easier said than done. That’s because the more encryption keys they create to protect their dispersed data, the more challenges organizations will have. Many organizations today have silos containing different keys for different operational resources like file servers, databases and web servers. Such a distributed network of keys is not ideal for them to achieve efficiency and meet GDPR and other compliance standards.
So what are organizations to do in response to these obstacles? How can they implement encryption key management in a way that aligns best with their dispersed IT environments?
Stephen Kingston, Senior Product Manager at Gemalto, discusses this issue and others at length in “Understanding the Latest Strategies and Trends in Encryption Key Management.” For the webinar, he explains the importance of a centralized approach to key management and how organizations can use that type of model to figure out when and where they should encrypt data in their data centers and in the cloud. He also elaborates on the benefits of a centralized data protection scheme and where key management fits into this equation.
For information on how an enterprise-wide key management operational model can reduce cost of ownership and minimize overall risks for your organization, register to view the webinar.
In the meantime, further your knowledge on how you can centrally control your organization’s encryption keys wherever they reside with centralized encryption key management.
*** This is a Security Bloggers Network syndicated blog from Enterprise Security – Gemalto blog authored by Gemalto. Read the original post at: https://blog.gemalto.com/security/2018/12/11/using-encryption-key-management-to-navigate-the-digital-cloud-transformation/