Recently, American and British government leaders have made statements about the need to access encrypted information in order to hunt down criminals and prevent future terrorist attacks.
UK Prime Minister David Cameron has gone so far as threatening to ban encrypted messaging applications, such as WhatsApp and SnapChat, if they don’t provide a mechanism for law enforcement to trawl through communications.
This, of course, has raised a justifiably obstreperous outcry from security and privacy advocates, to the point where the American government has, at least for now, softened its stance and stood back from demanding encryption keys from service providers or the creation of separate “backdoor keys” to enable decryption by the government.
There is ample room for the continued privacy debate on the subject. However, there is a facet of the debate that seems to be absent, and it relates to our new reliance on, and embrace of, cloud computing. This is particularly important for small businesses.
When you put your information in the cloud it remains there for as long as the cloud provider wants to keep it. (As we all have learned, if you are using a free cloud-based service, you have no expectation of ownership to any of the information that you share, no matter how declarative your statements.)
If, however, you are a small business owner and you are paying for cloud storage, how can you be sure that if you terminate that agreement the data will actually be destroyed?
Sure, the contract between you and the Cloud Service Provider says that they will delete your data, but what if a simple oversight lets your data slip through the contractual crack?
You cannot wipe the cloud storage yourself, nor can you go to the cloud provider and physically destroy the hard drive on which your data resides. This is where encryption comes to the rescue.
The only way to absolutely guarantee that your data is never accessible is by encrypting it. If you ever change cloud providers, you should first transfer the encrypted data to your new provider and issue new encryption keys for the new location. Once you have tested that everything is working correctly at the new provider, it is time to destroy the old encryption keys.
Destroying the encryption keys guarantees that your old data is inaccessible.
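As an added example (not code from the article), here is a Go sketch of the migrate-then-shred procedure just described, assuming AES-256-GCM as the cipher and that the keys were only ever held by you, never stored alongside the data or shared with the provider. Once the old key bytes are overwritten, every copy of the old ciphertext the provider may have kept fails authentication and cannot be read.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// aead returns AES-256-GCM for a 32-byte key; the same cipher is assumed at both providers.
func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Seal encrypts plaintext under key and prepends the random nonce to the ciphertext.
func Seal(key, plaintext []byte) ([]byte, error) {
	g, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce) // never returns an error on Go 1.24+; check it on older toolchains
	return g.Seal(nonce, nonce, plaintext, nil), nil
}
// Open decrypts a Seal blob; GCM's authentication tag rejects a wrong or zeroed key.
func Open(key, blob []byte) ([]byte, error) {
	g, err := aead(key)
	if err != nil || len(blob) < g.NonceSize() {
		return nil, errors.New("bad key or truncated blob")
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
}
// Migrate: re-encrypt under the new location's key, test the new copy, then shred the old key.
func Migrate(oldKey, newKey, oldBlob []byte) ([]byte, error) {
	plain, err := Open(oldKey, oldBlob)
	if err != nil {
		return nil, err
	}
	newBlob, _ := Seal(newKey, plain) // any failure is caught by the round-trip check below
	if check, err := Open(newKey, newBlob); err != nil || string(check) != string(plain) {
		return nil, errors.New("new copy failed verification; old key kept")
	}
	for i := range oldKey { // shred the old key in place; the old blob is now dead data
		oldKey[i] = 0
	}
	return newBlob, nil
}
```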
It is perfectly understandable that our governments are concerned about their ability to catch those who wish us harm; that is what our governments are supposed to do.
However, for the majority of law-abiding citizens, there is no need for anyone to access our data, especially when we are done with the facility that stores it for us. Shredding the encryption keys locks the door on that data forever.
5 comments on “Encryption is the only guarantee of data destruction in the cloud”
Well, I always consider that encrypted data is still vulnerable. You may destroy the keys but "brute force" still does it… If it's not now, it will be in a few months using the never ending computing performance increase… Am I just paranoid?
There is no such thing as paranoia in security. People say something is paranoia when they don't understand what paranoia truly is. This is unfortunate because what they're often describing is more than ideal. But never mind that: what might seem impossible might actually be possible or become possible in the future. You should presume that something that isn't possible will become possible, or better stated: presume the worst (including that things will get worse, not better). You can't prepare for something if you don't accept it as possible, can you (luck isn't preparation)? Some might use the word assume but I think presume is better because it indicates there is a good reason to believe it (and the fact these things are true and have been shown repeatedly, means it is not only a belief but it is also factual).
'Sure, the contract between you and the Cloud Service Provider says that they will delete your data, but what if a simple oversight lets your data slip through the contractual crack?'
Or they don't delete it securely. Yes, there is a difference.
'It is perfectly understandable that our governments are concerned about their ability to catch those who wish us harm; that is what our governments are supposed to do.'
Except it does the opposite. And they do other things that do the exact opposite. Then there is the issue that they want more and more power, even the same kind of power (as before), as if it will make things more safe in their mind. Unfortunately this convinces enough people while doing the exact opposite (they can't keep their own secrets safe and they can't keep their own networks secure, so to state they can keep the data of others secure is extremely naive). None of this is new, though – it's long known that governments are inept with these things, and it is long known that they crave power to the extreme (in fact, all those who seek power are this way).
Per NSA PRISM revelations, Public Cloud services have BACKDOOR access. Once your Data is in the Public Cloud, the Public Cloud Vendor (Microsoft, Google, and Amazon) OWNS/CONTROLS your Data. So remember “If you don't Hold your Data, you don't Own/Control your Data”; with that in mind, go with the Private Cloud.
As one who has never really grasped this 'CLOUD' thing, it still boggles my mind why businesses would ***pay*** to put their data (AND their clients' data) on "someone else's computer".
It is a legitimate business expense to buy your own server(s) and hire someone to manage them, on what is then ***Your*** equipment, with your (and your clients') data on it and on your terms.
Personally I would feel better in that position.
For me it is an issue of responsibility.
If you do not care, you can always just shrug your shoulders and blame your cloud provider if there is data loss or a leak to the open internet, or…