Glossary Terms
What is Cloud Encryption?
“Cloud Encryption” is a service provided by cloud storage providers that converts data into a scrambled format, ensuring it remains protected during transmission and storage in the cloud. This encryption renders the data unreadable by unauthorized users without the corresponding secret (known as a key) to unlock it. It is a crucial part of modern data security and is the reason that it’s possible to store your data in the cloud without everyone on the planet being able to access it.
Encrypted Cloud Backup: What’s the Point?
Put simply, you want to encrypt your data because you don’t want anyone to have access to it except for you. It’s the digital equivalent of locking your front door when you leave your house.
The good news is that today, it is very easy to encrypt your data. Nearly every cloud provider will offer “in-transit” and “at rest” encryption of your data as a transparent and automatic part of their broader service.
What Are At-Rest and In-Transit Encryption:
There are two major times when it’s important to protect your data using encryption. Those are:
- When that data is moving from your computer (or other endpoint devices) to a cloud service
- When your data is sitting in storage on a cloud provider’s server
In order, those are what “in-transit” and “at-rest” encryption are created to solve.
In today’s world, most “in-transit” encryption is handled by a protocol known as “TLS” or Transport Layer Security. It’s exactly the same technology that is used every time you see “https” in your browser’s URL bar. It provides a layer of security around data as it transits through the “series of tubes” that make up the Internet by wrapping all the information being transmitted in a secure tunnel of encryption that only the sender and the intended recipient are able to see inside of.
At-rest encryption is “easier” to understand in concept because it’s just good old-fashioned scrambling of data (with a known order dictated by the encryption key) prior to it being stored somewhere. Often, data sitting on cloud servers is encrypted using the Advanced Encryption Standard (or AES). Originally released in 2001, AES is yet-to-be cracked and a regular computer would have to work for millions of years to access data which is secured by AES without access to the key. That’s the good news.
The Problem with Cloud Data Encryption on Google Drive and OneDrive
The bad news is that not all at-rest encryption is created the same. Many cloud providers will use a single key to secure data for multiple users or even entire clouds. This means that while the data is technically encrypted, a very large group of people have access to the key. Additionally, any administrators or hackers who have access to the application storing the data (for instance OneDrive or Google Drive) will have access to the unencrypted data by nature of the way the application is built. So, the encryption itself offers minimal additional security.
How can data in the cloud be more secure?
A great way to get the most out of encryption is to make sure that your cloud provider uses individual encryption keys for each user’s data. This makes it orders of magnitude more difficult for anyone who doesn’t have the encryption key (just you when there are individual keys) to access the data stored with that encryption. The benefits of individual keys are multifold, but the biggest one is simply that even if a hacker or rogue administrator gains access to data stored using someone else’s key, yours is still perfectly secure. This makes the impact of a breach or other security incident much less of a concern.
The best way you can protect your data when it’s stored in the cloud is to make sure that your provider secures your data with a key that is unique to you.
Need encrypted cloud backup?
As businesses increasingly rely on cloud services for data management, understanding encryption practices becomes paramount. Choosing a cloud provider like CrashPlan, which prioritizes data security through pre-encryption and robust encryption protocols, ensures comprehensive protection against data breaches and loss.
We’ve got your back(up)
Find the perfect data backup and recovery solution with our plan comparison. Kick-start your journey with a free trial.
Related Glossaries
CrashPlan® provides peace of mind through secure, scalable, and straightforward endpoint data backup. We help organizations recover from any worst-case scenario, whether it is a disaster, simple human error, a stolen laptop, ransomware or an as-of-yet undiscovered calamity.
- Resources
© 2024 CrashPlan® All rights reserved.
Privacy | Legal | Cookie Notice | Free Trial