How to make encryption easier to implement
Online Tech's Senior Product Architect Steve Aiello continues his data security series of videos on data encryption by walking through the steps that will make implementing data encryption for your business easier and more cost effective.
How can you make encryption easier to implement?
- Use high-end technology products
- Partner with a provider that understands encryption
One example is Online Tech's encrypted cloud solution that uses EMC VMAX storage (SAN).
If you have a virtual private server, when your data hits our storage array, it is written to the hard drive and is encrypted. Using AES 256-bit, your data can meet compliance requirements for encryption.
Another service we provide is SSL certificates, two-factor authentication and VPN. These layers of security provide encrypted data at rest and encrypted mobile VPN. An additional step is to select a vendor for their software that builds encryption into their software application.
Steven: One of the things that you can do to help make encrypting your sensitive data easier is using very high-end technology products and/or partnering with a provider that understands how these things work. What we’ve done here for our customers is we’ve leveraged technology from EMC that implements encryption on every single disk in our shared Cloud environment.
What does that mean for you? It means that if you’re a customer with Online Tech, and let’s say you have virtual private server and you run twenty different websites. As soon as that data hits our storage array it’s passed through a special appliance and it writes all of that data to hard drives encrypted. From a compliance perspective it allows you to validate that your data is encrypted at rest, AES 256-bit.
We also have the option as spoken about before, the SSL certificate. That’s a very easy win. That’s something that a service provider can help you with. We have two factor VPN services for our mobile users. When you think about starting to layer all of these services together, it makes that concept of applying cryptography well at many different layers a little bit less daunting.
What is the customer really responsible for? They have the data-at-rest encryption. They have an encrypted mobile VPN if they want that, so they can administer their servers in a secure fashion. They have an SSL certificate that they can use to guard that web presence online. If they want to go above and beyond they can take that step and really look at their application. Or, they can select a vendor for their software piece that builds an encryption into their software application.
If you’re looking at encrypting data in four or five different places and a service provider can help you do four out of the five, you’ve really cut out a massive amount of work to make yourself compliant and be on your way to being secure.