Moreover, with over 90% of enterprises adopting a hybrid approach to workloads, an overall strategy for securing enterprise data across all hosting platforms is essential. This should cover data at rest, in transit, during migration, and in use.
the data security limitations of FaaS environments, should at least meet the criterion of vendor lock-in. Choose a solution that will apply to all hosting locations. For FaaS environments, this means that your data should be protected in use and/or at rest using platform-independent key management systems and cryptographic services. Enterprises should have full control over the encryption keys used to encrypt their data. Any cryptographic and key management service should support all platforms, regions, etc.
The best way to reduce the risk of any sensitive data namibia mobile database compromised is to ensure that the data is protected with industry-standard encryption throughout its lifecycle, i.e. from the moment it is captured. When using AWS, Azure, and Google Cloud Platform, look for integrations with native cloud services to enable data protection functions in FaaS environments. And demand full support for both hybrid and multi-cloud implementations.
Additionally, look for solutions that will help solve the following problems:
Stateless Key Management. A scalable, portable, and secure key management service allows enterprises to have full control over their data encryption keys. Generated keys should work seamlessly on any platform (both on-premises and in the cloud), without requiring data decryption when migrating between different cloud providers, regions, etc.;
Protecting data at the point of capture. Serverless computing should provide enterprises with the ability to run secure workloads in FaaS environments. This allows them to protect their data at the point of capture, thereby limiting any new security issues that may arise during the data migration process;
Feature-rich cryptographic solutions. Opt for cryptographic solutions that not only support various data protection formats such as pseudonymization, anonymization methods such as tokenization, format-preserving encryption (FPE) and hashing, etc., but also enable the use of data protection capabilities specific to different business cases. With feature-rich, cloud-agnostic cryptographic diagnostic services, enterprises can not only protect their data at the point of capture, but also use the protected data for further processing, including data analytics or for use in other FaaS-based functions. FPE allows the use of protected data without the need for decryption.
- Board index
- All times are UTC
- Delete cookies
- Contact us