Thales Blog

Leaky Buckets In A Multi-Cloud World

April 16, 2018

Thales Thales | Cloud Protection & Licensing Solutions More About This Author >

The past year has seen a number of high profile security breaches tied to leaky storage servers. Specifically, the leakage of sensitive files connected to misconfigured security protocols on Amazon Simple Storage Service (S3) buckets. In fact, in June, a misconfigured database containing the sensitive personal information of 198 million American voters was left exposed online for nearly two weeks. Highly classified and unencrypted intelligence data was also revealed to have been left in an S3 server that was publicly accessible.

As more organizations are moving to the cloud, adopting a multi-cloud strategy, and storing sensitive data in AWS, Azure and GCP the risk of misconfigured leaky servers exposing Personal Identifiable Information (PII) is rising faster than ever.

Organizations want to leverage a multi-cloud strategy encompassing the most cost-effective cloud storage tiers, including AWS S3, Azure Files, and Google Cloud Storage, to maximize efficiency and cost reduction. They may be running critical applications in one cloud and using a different vendor for backup and restore in another.

According to our Global Data Threat Report, 45 percent of respondents will store sensitive data in SaaS environments this year, including cloud storage. In doing this, though, they must ask themselves if they have the proper access controls, data management approaches, and encryption installed. If they don’t, they are at risk of becoming the next headline.

Many organizations feel they are unable to leverage the most cost-effective storage options available due to data control challenges, data security complexity, and compliance reporting requirements.

That’s why I’m pleased Thales is addressing these problems and expanding the reach of our multi-cloud Bring Your Own Encryption (BYOE) solutions to protect the most popular, high-value cloud storage platforms.

Vormetric Transparent Encryption (VTE) provides advanced encryption, key management, and granular access policies, and now secures AWS S3 and Glacier storage environments, complimenting existing support for EBS and EFS. Servers both on-premises and operating on Amazon EC2 can gain the security benefits of the FIPS 140-2 certified Vormetric Transparent Encryption solution as well as the cost-effectiveness of S3 storage. Additionally, Vormetric Transparent Encryption now supports storage data encryption for servers running AWS Elastic Map Reduce (EMR) and Hortonworks for AWS customers utilizing S3, giving those customers protection for their big data environments.

We’ve also made significant updates to other products in our portfolio including VTE supporting Microsoft Azure Files, and Amazon Linux. Vormetric Cloud Encryption Gateway (VCEG) now supports Google Cloud Storage, and Vormetric Application Encryption now offers RESTful API support (more on that in my colleague Eric Wolff’s Wednesday blog).

As customers continue their journey to the cloud or multi-cloud, Thales has been rapidly expanding its security solutions to address the latest storage, server, and microservices technology so organizations can confidently use the cloud services that best align with their needs. Organizations can be secure in the knowledge that the strongest safeguards are protecting their sensitive data and applications in the cloud, helping them meet compliance requirements and gain greater control over their data, wherever it is created, used, or stored.

To learn more about the latest Thales BYOE cloud storage product updates, check out our website here. You can also visit us at this year’s RSA Conference, San Francisco, April 16-20, 2018, North Expo Booth #3425, Moscone Center.

Alternatively, leave a comment below, or give me a shout on Twitter.