The True Story of Data-at-Rest Encryption & the Cloud

Protecting Your Sensitive Data-at-Rest Require More than Full Disk Encryption

Encrypting sensitive data stored in the cloud prevents attackers from gaining unauthorized access to that data. This is otherwise known as data-at-rest encryption and is highly regulated through standards like the Health Insurance Portability and Accountability Act (HIPAA). These regulations require that security controls are in place that reduce the potential for insider attacks, exfiltration through malicious software like malware and other cyber security threats.

While these regulatory standards do well in settling the bare minimum needed for an organization to actively secure their data, these regulatory standards don’t specify what type of data-at-rest encryption is to be used. Often, this leads to third-party cloud vendors choosing the wrong solutions for fighting off cyber security threats, putting your organization’s data at risk. Instead of relying on full disk encryption, third-party cloud vendors must advance their use of logical/role-based encryption solutions.

Logical/role-based encryption solution is effective, whether a server is running or not, because they limit access to data based on the user’s permission settings or role. This offers a greater depth of cyber security protection against modern threats than a full disk or storage area network (SAN) based encryption ever could. Learn more about logical/role-based encryption with our paper on “The true story of data-at-rest encryption & the cloud.”