From the course: Certificate of Cloud Security Knowledge (CCSK) Cert Prep

Cloud data key management strategies

- [Instructor] For key management strategies, it's important to understand the risk levels for an organization. The cloud provider maintains a system called KMS, or key management services. By default, the cloud provider can generate and manage keys that you can utilize for the different levels of encryption. There are four choices that the CSC can make regarding the use of the keys. The CSC can choose to do client-side encryption, server-side encryption, customer-managed encryption keys, and customer-supplied encryption keys. This includes a mixture of choices. The risk level of the data determines the options chosen. As stated, by default, the provider generates and manages encryption keys. Here is an example of AWS object storage, where server-side encryption means the cloud service provider encrypts data using keys stored within the cloud environment. The customer depends entirely on the provider for the encryption algorithms and key management services. When a cloud service…
