Cloud Key Management vs. Hardware-Based Key Managers | @CloudExpo [#Cloud]

Cloud security is a top concern for any organization migrating to the cloud. The threats are many.

For example, the fact your data resides in a shared, multi-tenant environment is a threat that has become a reality with the latest Xen virtualization bug, which allowed a malicious fully virtualized server to read data about other virtualized systems running on the same physical hardware or the hypervisor).
Other threats to cloud security include internal employees and even governments.
The consensus is that data encryption is a critical first step to migrating to the cloud; but in fact, encryption is the easy part. The real challenge lies with the management of the encryption keys. Allowing your cloud provider to encrypt your data and manage the encryption keys is as secure as parking your car in a public parking space and leaving the car keys in the ignition.

read more