A concern that people have against putting their data in a public cloud hosting environment is the security. Data in the cloud wouldn’t be as secure as storing it on premise. The key to keeping your data safe in the cloud is disk encryption, according to a new blog entry by cloud hosting provider CloudSigma.
The most convenient form of encryption is disk/volume encryption, writes Viktor Petersson in CloudSigma´s corporate blog post. Petersson is the platform evangelist at CloudSigma, and a proud geek. If you have any data on an existing Virtual Machine (VM), you can easily add an encrypted disk or volume. Then, when you unmount the encrypted volume (or power off the server), as long as you don’t store the encryption key on the server, your data would be safe.
The drawback with this type of encryption however is that if your server gets compromised somehow, there is a possibility that the attacker could capture your passphrase/key (and/or data) the next time you mount the disk image, explains Petersson.
Full Disk Encryption (FDE)
Using an encrypted partition or disk leaves you vulnerable to certain attacks. Using Full Disk Encryption (FDE) would solve this problem, since the passphrase will have to be entered upon boot. Read the full blog entry here.
CloudSigma is an Infrastructure-as-a-Service (IaaS) cloud hosting provider based in Zurich, Switzerland. The company was founded to meet the growing need for a pure IaaS cloud platform that places little or no restrictions on how its users deploy their computing resources. CloudSigma was named a Cool Vendor by Gartner in 2013.
