Every measure of growth in the creation of digital data shows dramatic increases. It’s a major issue for data center architects, data center operators, and even consumers. Consumers face this issue as they choose new mobile devices, striving to have enough storage for the photos, emails, videos, music and digital crumbs of life that they accumulate, which often fill mobile devices faster than anticipated.
According to Enterprise Strategy Group, the storage requirements for data are increasing 40% year over year, well ahead of growth in IT spending. This tremendous growth in data creation also leads to a secondary problem. The Storage Networking Industry Association has found that 80% of respondents report that they need to retain data and information for more than 50 years. Not only is a lot of data being created every day, every year, but a lot of that data will also be around for a long, long time.
There is good news: the cost of storage continues to drop, which will help with the 40% growth in data creation. But where should all of this data be stored? There are many options for where and how to store it: it can reside in a local legacy data center, in a new virtualized and software-defined data center, in a hybrid cloud data center or even in a public cloud data center. Many choices.
That’s a lot of places for a lot of data to be hanging around for 50 years, for a lot of people to potentially access if steps aren’t taken to prevent this. This part seems easy – use encryption. And in fact it can be relatively easy, but in a cloud adoption survey conducted by HyTrust this year, only 28% were encrypting data in public cloud deployments. Other surveys typically find that encryption use fails to meet expectations. For most data, anything less than 100% puts data at risk and is unacceptable.
Just as there are many choices for where data may end up residing, there are also many choices for encrypting data and, more importantly, for managing the keys that drive encryption policy and allow an organization to determine who sees the data. For traditional, legacy data centers this is often a simpler choice, as the encryption technology and the encryption key management all happen on premises with complete control. As organizations look to build out a software-defined data center (SDDC) or next-gen data center, data becomes more mobile and the traditional perimeters and boundaries may be less defined. This requires that the data, and the workloads in which it runs, be controlled with encryption that may include boundary-based controls and support software-defined storage systems.
Once the data moves to a hybrid cloud model, requirements for where and how encryption and key management are performed become even more critical. Encryption and key management functions are now available from cloud providers, but it is critical to make sure that providers can meet the organization’s requirements for public cloud policy and that those requirements and choices can be applied consistently across the public and private cloud deployments that enable “hybrid”.
Even when a deployment will be with a public cloud provider, it may not be the best choice to turn everything (data, encryption and key management) over to the cloud provider. The cloud provider may offer encryption in the platform, even flexible key management functions, but do they meet the organization’s requirements for security and compliance, and if they do, is it acceptable for the cloud provider to hold the keys
for bring-your-own-key or a key management solution outside the cloud provider may ease the risk.
More data and more choices: it is more important than ever to consider an encryption and key management policy that can be tailored to meet the needs of an organization. There are many choices for workload security and protecting the data in any data center, in any cloud. HyTrust cloud workload security solutions can enable you to easily achieve data security across a multi-cloud data center deployment.