Cyber Security in Gaming

Cyber Security in Gaming

Our lives are moving more digital every day, and gaming is no exception. Advancements are being made every day, with new technology and entire worlds and universes are now being created for you to step into. However, with all of this excitement – it’s important to remember there is also a security threat with every game you sign up for. In this blog, we will be discussing different threats within gaming, and how to avoid them so you can have a stress-free gameplay experience.

The most well-known threat in gaming is data breaches. This is when the gaming provider loses the important information of gamers that have placed information with them. This can include passwords, emails, and credit card information. In these unfortunate cases, it is usually an accident and misuse of proper digital hygiene standards. In this case, there isn’t much that can be done other than change your password as quickly as possible, and hope the company start to take proper care in the future.

More serious cases can come directly from your set up. Malware, ransomware, and viruses will pose an ever-present threat to your digital life. So, ensuring you have the proper protection to your PC or laptop are essential. These attacks are entirely malicious and have the ability to completely infect your set up. Malware and viruses can reach you through different means including - but not limited to - unsafe links, brute force, and phishing. Clicking on unsafe links or complying with phishing emails can lead to malware infecting your computer. While you may assume that you would be able to notice dangerous links and phishing emails, the rise of AI and ransomware has led to the significant improvement of these malicious attempts. Spotting them has and will continuously become harder. Once you click the link, and allowed the malware in, there is virtually nothing you can do to stop the attack.

In gaming specifically, you can lose your data along with the progress of your game and have to start afresh. If gaming is a hobby and you have put many hours into it, then losing it all could be devastating. Hackers can also use brute force attacks to carry out complete account take overs, again resulting in the same losses.
Popular gamers who share their journey online, could be big targets for these types of attacks, but it doesn’t exclude smaller gamers who don’t share their life online.
To ensure you are keeping safe against these online threats, following important steps could shield you and your online world.

Keeping a strong password

We will never get tired of promoting the importance of having a strong password. You may swat away this recommendation and file it under the ‘I already know’ list of things. We always want to remind you to never take this lightly. No matter how much of a rush you are in, how many accounts you have, or how safe you think the site is. A strong password is the shield against a stomach dropping anxiety of being hacked or locked out. Making it difficult to guess with a random mix of letters and numbers, changing it often, having a different password for everything you have signed up to, and saving them on a fortified drive will be your most basic and yet helpful defence against every malicious attempt online.

Keep your software up to date & only download from reliable sources

This will ensure not only the game being at the best standard it can be, but it will also allow for updates in security.

Clicking links or downloading items from unreliable sources can result in your computer being infected with malware. Ensuring that you know the link is safe is paramount.

Reliable hardware

It is widely recommended that gamers use an SSD for their set up. They are faster than other hardware pieces such as HDDs, meaning that games can load much quicker. This is key for games with large files especially, so you aren’t stuck staring at a loading screen. It will also mean fewer stutters and a smoother gameplay. They are less likely to fail and are much quieter. Blending a seamless game with security can be an encrypted SSD. Our SSDs, as well as our entire drive range are hardware encrypted, and OS & Platform independent, so no software is required, therefore it will work on any device with a USB port. Having an encrypted SSD will allow all of your important data to be stored securely, so you won’t have to worry about any of the security fears mentioned before – all while helping your gameplay be a smooth as possible anywhere on any device.

To celebrate National Video Game Day, we are offering 15% off of our drives with code GG15. Happy gaming.

Tech Tips and Gadgets for the New School Year

Tech Tips and Gadgets for the New School Year

Schools are a huge target for cyber-attacks. 6 in 10 higher education institutions state that they experience a negative outcome*, such as a loss of money or data from any breaches or attacks. Three quarters (75%) of higher education institutions say they were negatively impacted regardless of whether there was a material outcome or not.

Attacks can often cause an intense disruption & anxiety. In fact, 100% of all higher education institutions* sought information or guidance about cyber security from external sources in the last 12 months. Having the right training, tools, and care put into place should help alleviate any stress and aid in the prevention of such attacks. In this blog, we will recommend tools to help your school year start off the right way.

Keeping up with important rules and regulations to prevent cyber-attacks and ransomware attacks, especially with it on the rise – is essential. Failing to comply with data regulations such as GDPR could cause serious negative backlash resulting in fines, loss of trust, and a damaged reputation. Doing things such as keeping strong passwords and ensuring your computer has all essential updates is important. However, tools are the sturdy infrastructure that are built on top of these essential foundational rules.

We recommend our datAshur PRO, diskAshur2, and our diskAshur DT2.
Our datAshur PRO is a great, affordable, and extremely useful hardware encrypted flash drive. For everyday use, protecting projects, and data this drive can be there for you. It provides much more security to your data than the average flash drive. If you lose the drive, and it falls into the wrong hands it will be inaccessible without your unique PIN. This saves a lot of anxiety regarding the protection of important items in your day to day.
Our diskAshur2 is a top product of ours. Its capacity goes up to a huge 16TB and is great for on the go. Coming to and from school, moving around in the premises you have the peace of mind knowing that even if you misplace or lose the drive, it cannot be accessed by anyone.
Our diskAshur DT2 is another serious piece of tech. It has the highest capacity of all our drives at 22TB. These drives are perfect for stationary desktops, storing everything in one place. While these are not built for transport and mobility it is still a great drive to consider. Keeping it stationary doesn’t risk the data being compromised however, as it still has the same level of encryption and government level certificates as most of our other drives. It is also completely tamper proof, so you can rest easy knowing that the data will be going nowhere.

To avoid any anxiety surrounding cybersecurity in the new school year, speak to one of our company representatives today. We even offer free 30-day evaluations so you can try our products to see just how great they are.

As for students at university, we can help you too.
Having last minute stress and anxiety regarding your hand ins can be a horrible feeling. When you have anxiety regarding your work being lost or corrupted, the feeling is even worse. You shouldn’t have to deal with external issues that are out of your control by risking all of your hard work getting lost, stolen, or corrupted on cheap and unreliable memory sticks.
Your projects deserve protecting, and avoiding additional anxiety during your hand ins are what you deserve. In this blog, we will look at ways that can improve your cyber security awareness and skills, as well as recommend some great tools that you should add to your back-to-uni list.

First of all, we recommend having a look over some of our other blogs.
The world back up day blog is the best one to start with, as it gives great tips and information on how to ensure your work is taken care of and minimise risk of losing work even more.

Being students, we know that the budget will be slightly tighter so we would recommend our datAshur Personal2. It is a great step up from a regular flash drive, it has the same encryption levels and PIN protection as the rest of our product range and pricing starts at as little as £39**. This will help with your peace of mind, especially towards hand in when you know that what has gone wrong before won’t happen again!

If you are willing to invest a little bit more, we recommend our diskAshur2. This drive is great for both protection, capacity, and mobility. You can take this drive with you to the library, to your friends for a study session, or back home for the break and your data will always be safe. We recommend this in particular for students who have a creative project to look after. It can store large files at a time and go with you where you need. If it gets lost or tampered with then no one else will be able to access it.

For more tips and information on cyber security, have a look through our other blog posts!

** plus VAT

Back to School Essentials

Back to School Essentials

It’s August, that means it’s another month of summer rest and relaxation. But for parents, it also means back to school is just around the corner, and with that, back to school prep. With our world evermore online, especially since the pandemic, protecting personal data has never been so important. To help with the panic that goes alongside back to school – we have put this blog together to highlight where you can boost your cyber-security and look after important data. Having the right knowledge can work as tools against a stressful but exciting few months to come.

Our most important rule for protecting yourself is backing up. Putting off things as simple as updating passwords, shutting off your computer for updates, and creating copies are often pushed aside and seen as something we can get around to eventually. In reality, taking the time to complete these steps will help you in the long run. Keeping your data safe is the number 1 priority, and backing up is a great way to help with this. Have a read of our other blogs available to see what steps exactly you can take to do this, even if you think you already know you might find something useful there! We recommend following these data backup tips and incorporating them into everyday life to avoid the anxiety of ever losing data. While data can range from anything such as a funny picture to important passwords, no one should have to experience the stress of data loss.

We also recommend staying up to date with how your data is stored. Data breaches and attacks are an unfortunate but not rare situation. With cyber attacks on the rise, it’s not safe to say who can definitely protect your data – other than yourself. Staying up to date and vigilant on how your data is stored, and ensuring you are taking care of it on your end is one way to avoid getting caught up in such an unfortunate situation. Even in the case it does happen, you know that you are protected from your side.

Finally, having the right tools. Backing up and staying vigilant are important factors in cyber security. Going the extra step and protecting your data in an encrypted flash drive or portable hard drive can act as an essentially unbreakable safe. Buying a memory stick is often included when buying for back to school, but they are typically cheap, and non-secure. When protecting information such as credit card information, school projects, and cherished images, it makes sense to take extra care.

Upgrading your flash drives and portable hard drives is the perfect antidote to the stress of dealing with back-to-school life, as you will no longer need to worry about losing these important items. When using a secure, encrypted drive, your data will be essentially untouchable. This means all important, private information such as phone numbers, bank details, and passwords will be safe. Even if you misplace the drive or lose it by having a rushed day into the office from the school run – your data will still be completely protected. Having everything safe in one place in a sturdy and reliable drive could make a world of difference.

This could also extend to other things in your life, important documents for your finances, home, work. This time allows room for a second spring clean, where you can sort out yourself as well as your children to prepare for the stressful yet exciting year ahead.

Speak to one of our company representatives now to see what would be best for you, with some of our products starting at only £49. With devices as sleek and helpful as these, you won’t know how you did the school year without them.
We recommend our datAshur personal2, datAshur BT, or our diskAshur M2.
Our datAshur Personal2 works best for a step up on a regular USB, it’s a great starting point for taking your data protection more seriously.
Our datAshur BT is great for keeping things simple with biometric unlock on your phone instead of a keypad and it’s just as safe and secure.
Finally, our diskAshur M2 is our smallest, lightest, and fastest drive. It’s part of our SSD family and is the perfect fit for your more tech savvy, gadget loving parent.

Even in the unfortunate case of losing your drive (it happens) everything on it will be protected so no one will be able to get on to the drive without the PIN. Backing up your data and storing it with an iStorage flash drive or portable hard drive is an unstoppable combination in data protection and your peace of mind.
Make a good flash drive part of your pencil case this school year, your future self will thank you.

World Password Day

World Password Day

With the rise in cyber-attacks and intelligence growing alongside technology in these attacks, it’s more important now than ever to ensure you have a fortified front. This is to avoid the risk and stress of losing not only what is important – but everything.

In this article, we will discuss how to improve passwords, and how to stay on top of them in 5 easy steps.

Nothing simple

This one is obvious, but it’s easy to forget when we’re in a time crunch or feeling a bit lazy. Don’t put anything easy that can be guessed just because you can’t be bothered to take the time to make a proper one.

Don’t keep things the same

Don’t use the same password for everything you have accounts for. This way, hackers only need to correctly guess one password, and then have access to them all. It seems like another simple tip we all know, but it can happen. It only takes one password repeat, and before you know it all of your passwords are the same on every account.

Do keep things the same

It makes sense to change your password often, but it may not actually be the right thing to do. Changing your password often could lead to you making some poor choices out of habit, like just adding a few numbers on the end.

Make it as long and as random as possible

We’re going to talk about password management and how to ensure you remember your passwords – so don’t worry if you make the password as crazy as you can imagine. That’s what we’re encouraging! The more random and long, the harder it will be to hack in to. You could even turn it into a game, making the longest and craziest password possible.

Good management

With all these passwords in all these different accounts, it’s impossible to remember them all alone. There are plenty of reliable apps and sites that can store and remember all your passwords for you. For extra protection, keeping track of passwords and storing them on a data storage device can be an extra step.

World Backup Day: Why 31st March should be a day to act

World Backup Day: Why March 31st should be a day to act

According to Transport for London (TfL) an average of two laptops are left on the London Underground every single day , while the average cost of data breaches in 2022 is reported to total $4.35 million . Ransomware attacks too are on the rise, and these are not limited to the bigger companies but targeted at smaller businesses as well as individuals. This places the integrity of business and personal data on a critical footing, with the potential for cybercriminals to steal your data and sell it on the dark web for illicit purposes which should raise alarm bells.

Having a plan in place to back up your data is one of the most important ways to protect information and keep data safe. Backing up ensures that even if it falls into the wrong hands, a copy of the data is retained, secure and instantly accessible. Here are our 3 tips for World Backup Day:

1. Back up data using a 3-2-1 strategy

Getting into the habit of regularly backing up data will offer a lifeline should data ever be lost, corrupted or stolen. Employing a 3-2-1 strategy, as advised by the National Cyber Security Centre , means having at least three total copies of the data, two of which are local but on different mediums, and at least one copy stored off site. Flash drives, such as those in our datashur® range, offer a light, pocket-sized secure solution for those constantly on the move; for those commuting between office, co-work or work hubs, the diskashur® hard drives provide greater capacity but are still light and flexible; and if more heavy-duty, robust storage is needed for weekly backups, pick the diskashur DT2®.

2. Make sure the data is encrypted

When backing up your data, encryption is critical. Pocket-sized flash drives are light and flexible, but can be lost or stolen, so make sure your data is locked away. Encryption vastly improves the security of files, but it’s critical to select the right device. A PIN-authenticated, encrypted USB flash drive or HDD/SSD with on-device crypto-chip and AES-XTS 256-bit encryption offers complete data integrity, even when brute force action is used. Additionally, using a device with an internal microprocessor that is Common Criteria EAL5+ Certified, and encrypting data with a FIPS certified AES 256-bit encrypted encryption key brings into play military grade protection, which is as good as it gets.

3. Protect data stored in the cloud

When looking to store photos, documents and personal or business files, many people look to the convenience of the cloud. Cloud providers often offer encryption as part of a managed service, which, on the surface makes life simpler when this burden is taken away. However, an encryption key is required to decrypt the data, and this is also stored in the cloud which presents a degree of risk. Keeping the encryption key, which is itself encrypted within a secure microprocessor stored on a hardware encrypted security module, away from the cloud increases the number of security measures from just one layer of authentication - the cloud account login - to up to a five-factor authentication using our cloudAshur solution.

Following these simple tips will put you in a strong position, helping to eliminate security risks while providing fuller assurance as to the integrity of your vital information. This provides peace of mind to those backing up personal data, while for businesses, retaining full responsibility for data encryption and management will contribute to maintaining business continuity and upholding compliance to data protection regulations.

So, if you do nothing else this World Backup Day on March 31st, back up and encrypt your data.

Learn more about improving data security: https://istorage-uk.com/

Avoid paying a King’s ransom for your data

Avoid paying a King’s ransom for your data

By John Michael

The path of digital transformation, accelerated by the unique requirements of the pandemic, has led to untold efficiencies and revolutionary connectivity – but it has also ushered in a new era of threat. More pernicious ransomware puts data at greater risk than ever, and the rise of remote and hybrid working means criminals now have a vast number of new avenues through which it can be deployed. Analysts are calling this the ‘golden age of ransomware’ – and it’s time for the industry to fight back.

Ransomware works

Recent ransomware attacks have demanded upwards of US$70 million1 and cybercrime itself costs organisations $6 trillion per year in global damages2. Spreading through means including phishing emails, unprotected personal computers, exposure to public Wi-Fi, and Zero-Day vulnerabilities, 46% of those hit with a ransomware attack pay the ransom at an average of over US$800,0003. The money behind ransomware makes it an increasingly professional criminal endeavour.

Ransomware-as-a-Service (RaaS) sees ransomware authors offering clients off-the-shelf malware variants and cybercrime expertise. Criminals are also getting bolder, moving from locking down data to stealing and threatening to share it – known as double extortion – or making ransom demands to a business’s third-party clients, called triple extortion. An attack could cause serious reputational damage as well as significant business downtime4 and the resulting financial loss.


Avoid paying a King’s ransom for your data

The human element is a greater liability

Ransomware’s rise has much to do with the vast growth in network-connected hardware and software. IoT devices, particularly if not patched, can act as a gateway to an improperly secured network. The speed at which IT departments were forced to roll out remote access systems during the pandemic left many inadvertent loopholes. These are easier to exploit following the move to more home and hybrid working, which sees employee hardware placed on insecure home networks and public Wi-Fi.

While Zero-day attacks, which exploit platform vulnerabilities, are a real and present threat, they aren’t something that can be easily prepared for. Moreover, phishing – a common method of network infiltration – has become ever more complex and devious over time. The richest prizes have come from those with the highest level of access, and hackers perform detailed reconnaissance on key targets.

Employing a Zero Trust strategy

Minimising the possibility of IT infrastructure attack means taking a Zero Trust approach – building a framework whereby no entity which interacts with your organisation has any implicit trust. Every device, user, platform, tool or vendor must clearly demonstrate its security credentials, particularly as liability for data breaches is highly unlikely to be passed on to third parties. Employees must be trained to understand this, and a workplace culture must be built around cyber hygiene and resilience.

However, even savvy employees can slip up in a tired moment. Hackers with enough insider knowledge may be able to gather sufficient information to infiltrate a network regardless of an organisation’s policies. The tactic now must be to secure the key asset of any business – its data – by implementing consistent encryption and employing a backup policy. Backups must be as protected as core data, ideally with strong encryption, and kept in triplicate online, offline, and off-site.

Protecting the keys to the kingdom

Key access must be protected. The Zero Trust philosophy is doubly important here: trusting keys to a cloud storage provider, for example, could result in the data and keys being compromised in the event of a data centre breach. Moving encryption to a hardware module ensures that data can be protected end-to-end and rendered functionally useless as collateral for hackers. Using hardware encryption on backup drives or USB sticks further strengthens protection in the case that the media is lost or stolen.

There may be no real technological way to stop ransomware attacks from happening, particularly with the human element so vulnerable. True security comes from physical and logical separation between keys and data: if we can render ransomware attacks useless and have a plan in place for recovery, they will end up little more than a very temporary inconvenience.

Learn more about ransomware and how to better protect your business

1 - https://www.theverge.com/2021/7/5/22564054/ransomware-revil-kaseya-coop

2 - https://www.sdxcentral.com/articles/news/cisco-ceo-cybercrime-damages-hit-6-trillion/2021/05/

3 - Sophos State of Ransomware 2022 - https://assets.sophos.com/X24WTUEQ/at/c5234fvn45pvmk5w6nhh4vkh/sophos-state-of-ransomware-2022-infographic.pdf

4 - https://www.statista.com/statistics/1275029/length-of-downtime-after-ransomware-attack/

Maximising data protection for secure remote working

Maximising data protection for secure remote working

By John Michael

The dynamic of the workplace has shifted. A hybrid or flexible model has become the preferred method of working for millions of employees, with remote capabilities allowing greater freedom to collaborate and innovate outside of the confines of the 9-5 office. Yet, despite its many benefits, remote working raises questions about data vulnerability.

Rising cybercrime and the emergence of ‘ransomware-as-a-service’ means that the safeguarding of company and personal data has never been more critical. With data being regularly moved between home, fixed office and even a co-work space, it’s imperative to consider security hygiene and how it can be improved if the hybrid model is to succeed long term.

Transport files securely

The demand for flexible working means a growing number of devices that are potentially on the move, rather than being kept at a permanent desk within a fixed office. The likelihood of a device being left or stolen, therefore dramatically increases, potentially placing sensitive files and company data directly into the hands of a malicious threat actor.

The demand for flexible working means a growing number of devices that are potentially on the move, rather than being kept at a permanent desk within a fixed office. The likelihood of a device being left or stolen, therefore dramatically increases, potentially placing sensitive files and company data directly into the hands of a malicious threat actor.

Encrypt data in the cloud

The cloud is often the preferred option for remote workers to connect and collaborate. However, concerns over cloud security mean that a business might hesitate to utilise its services for data storage. To ensure total privacy, data must be encrypted, but this requirement for encryption cannot be dependent on the cloud service provider (CSP) where the encryption key is stored in the cloud and therefore accessible to hackers and cloud staff alike.

The solution is to remove the encryption key from the cloud and physically store it within a PIN authenticated external USB module. This allows users to access data stored in the cloud, while also being able to securely encrypt information from a local computer, a network drive, or sent via email or file sharing service.

Centralise data management

Multifactor authentication is a highly recommended best practice for data protection compliance. If a hacker were to obtain a cloud user’s credentials, the breach would go unnoticed to the cloud service provider as it wouldn’t be able to differentiate a legitimate user from an attacker. The encryption module increases security measures to as much as five-factor authentication.

Use of an encryption module by authorised staff will reduce the risk of data loss due to human error but doesn’t eliminate the possibility entirely. This is where central management is needed, enabling those responsible for cloud and data security to monitor file activity, set geo-fencing and time-fencing restrictions, encrypt file names and disable users’ access to data remotely.

Back up sensitive information

Regularly backing up encrypted files is essential best practice. Using a 3-2-1 strategy, for example, means having at least three total copies of the data, two of which are local but on different mediums, and at least one copy stored off site.

Consideration should also be given to the means of data storage. A PIN-authenticated, encrypted USB flash drive or HDD/SSD with an on-device crypto-chip and AES-XTS 256-bit hardware encryption offers the highest levels of protection. Adding an extra layer of security, such as a secure microprocessor that is Common Criteria EAL5+ Certified, utilises physical protection mechanisms designed to prevent a wide array of cyber-attacks.

Retaining full responsibility for data encryption and management will contribute to maintaining business continuity, helping managers uphold staff compliance to data protection regulations and eliminating any complexity associated with flexible working models. This ultimately results in peace of mind and safer data.

Learn more about improving data security.

Three critical ways to help financial services protect their data in the cloud

Three critical ways to help financial services protect their data in the cloud

By John Michael

As the digital transformation agenda continues the majority of retail and commercial banks aim to triple their use of cloud services by 2025, according to research1. Cloud-hosted data will enable them to improve agility and take advantage of greater storage capacities, streamline processes and move away from legacy systems. Yet, keeping that data secure can be incredibly challenging. In this blog we look at three critical areas that should be addressed to ensure high levels of data security while still benefitting from cloud technology.

Use encryption technologies to reduce risk

State-of-the-art encryption could save a business from hefty fines in relation to the GDPR in the event of a data breach. Yet worryingly, recent figures suggest that as much as 82% of the databases in the public cloud are not encrypted2. While cloud providers do offer encryption to customers, the only information required to access their data is a username and password. It therefore falls to financial services organisations to take matters into their own hands and ensure data is securely encrypted before it is sent to the cloud, both in transit and at rest.

For ultra-secure encryption, data should preferably be encrypted with a FIPS certified randomly generated AES 256-bit encrypted encryption key, providing the highest levels of security and protection. The user should retain full control of this key, ensuring that it is stored separately to their data. Taking this approach means that even if the cloud account is targeted and hacked, the data cannot be accessed.

Share information securely using multi-factor authentication (MFA)

In the financial services sector, highly sensitive information is shared regularly between businesses. While the cloud facilitates instant collaboration, co-operating parties should ensure that data is encrypted and that relevant stakeholders are provided with a copy of the encrypted encryption key to access the files. This introduces a multi-factor authentication (MFA) security procedure, even when data is sent to a third party.

As an example of unsecure third-party access causing major issues, a data breach suffered by a South African bank in 2020 effectively put the data of 1.7 million customers at risk. While the bank’s own network remained secure, the breach concerned the premises of a third-party business who had been entrusted with customer data for marketing purposes. Here, encrypted data with an encrypted encryption key stored separately would have prevented the incident.

Control access and centralise data management

Controlling access is a major factor in mitigating the risks associated with human error. Through centralised management, those responsible for cloud and data security in the organisation will be able to monitor and control file access, set geo-fencing and time fencing restrictions, encrypt file names and disable users’ access to data remotely. This will go a long way to eliminating security risks.

As financial services organisations continue to collect more data, the cloud can be a viable solution to the processing, storage and sharing of confidential information. But the cloud will only be useful in this regard as long as security measures can be enforced. High-quality encryption and effective centralised control of access to sensitive information will provide the financial services industry with the peace of mind that comes from having safer data.

Learn more about managing, sharing and encrypting data in the cloud.

Who is liable for your data in the cloud?

Who is liable for your data in the cloud?

By John Michael

In an age of ‘cybercrime-as-a service’, cyberattacks, arising from both state-sponsored groups and hacking collectives, are now inflicting unprecedented levels of damage, with the Cisco CEO reporting it now costing USD $6 trillion per year1. According to the Allianz Risk Barometer 20222, cyber incidents have become the most important business risk, increasing in regularity and complexity. In a single month (May 2022), 49.8 million records were breached3 with extensive media coverage reminding organisations to be mindful of their responsibilities.

Despite initial concerns about data hosted in the cloud, providers have been quick to promote security capabilities along with other benefits of scalability, cost and convenience. Yet, the security element can be somewhat misleading. The terms and conditions of many major cloud providers include a ‘limitations of liability’ clause which places data-security responsibility with the cloud user. More stringent measures, therefore, should be considered when considering cloud storage.

Encryption and key storage

When looking to establish robust security measures for cloud data, a vital step is to consider encryption. Cloud providers will offer encryption as part of their service, which, on the surface makes the roles of IT and security personnel easier when this burden is taken away as part of a convenient managed service. However, there is a pitfall in relation to the way this data can be accessed.

Unlocking the stored data requires an encryption key. As this is often also stored in the cloud, it therefore has the potential to be accessible, not only by malicious threat actors, but also by anyone working on the systems that hold the data. To be truly secure, the user needs to have full control of the encryption key, and to ensure that it is stored separately to their data. Following this approach will mean that, even if the cloud account is targeted, the data it contains cannot be accessed.

Controlling shared data

While encrypting data to be shared is imperative, posting encrypted USB flash drives to and from stakeholder becomes time consuming and highly impractical. Sharing encrypted data securely in the cloud allows for instant collaboration. Keeping the encryption key, which is itself encrypted with a PIN authenticated code, away from the cloud, increases the number of security measures from just one authentication - the cloud account login - to up to a five-factor authentication.

1 SDX Central (2021): Cisco CEO – Cybercrime damages hit $6 trillion

2Allianz (2022): Allianz Risk Baromter 2022: Cyber perils outrank Covid-19


Safer data and how to protect it in a multi-cloud environment

Safer data and how to protect it in a multi-cloud environment

By John Michael

Multi-cloud has grown considerably in popularity for many businesses due to its ability to increase agility whilst minimising vendor lock-in, improving disaster recovery and boosting application performance, all while streamlining costs. However, data protection issues are of increasing concern. This is because multi-cloud in the enterprise often comes about organically to meet evolving requirements, so is not always planned. When business departments create their own complicated silos of data, this decreases visibility and can impact upon compliance. But what is the solution?

Encrypting confidential data

A multi-cloud architecture can make data migration easy, but managing access to the data and keeping it confidential can be challenging. Regardless of the mode of transfer or method of storage, information remains a valuable commodity that is vulnerable at all possible points of connectivity. The most effective methods to address such vulnerability is to consider secure encryption.

Encrypting data both in transit and at rest is critical. Data should preferably be encrypted with a FIPS certified, randomly generated, AES 256-bit encrypted encryption key to be ultra-secure. Confidential information stored locally on a computer or hard drive, sent via email or file-sharing service, or shared via data transfer in the cloud should equally be securely encrypted. Taking such an approach guarantees ongoing protection, keeping data confidential and giving IT leaders peace of mind.

Check out our

Goverment certifications

Centralised remote management

As the use of multi-cloud environments means that sensitive data is stored in silos and transferred across numerous servers, it’s important for security managers to gain a holistic view as to which cloud providers hold which data, where that data is located and who holds access permissions within the organisation. This will enable geo-fencing and time fencing restrictions to be set, filenames to be appropriately encrypted and remote access to be enabled or disabled depending on requirement.

Key management for encrypted information is also important. Authorised users can be given a copy of a physical encrypted encryption key; a randomly generated encryption key stored within a USB module to allow ultra-secure and real-time collaboration in the cloud. Having a key management system in place provides greater control of encryption keys when using a multi-cloud solution, helping to facilitate a more centralised administration and management approach to data security.

Learn how can you

Securely collaborate in the cloud using our KeyWriter software

Multi-factor authentication

Businesses need to have clear processes in place that all employees follow to uphold adherence to data protection regulations, regardless of where they choose to store the data. Incorporating multi-factor authentication will help in relation to data protection governance and is an important step in standardising policies, procedures and processes across multiple cloud providers.

If a malicious threat actor obtains a user’s credentials and compromises an account, the breach is likely to remain unnoticed by the cloud service provider who will not be able to tell the difference between a legitimate user and an attacker. Using an encryption key that is kept away from the cloud increases the number of security measures from just one level of authentication - the cloud account login - to as many as five-factors of authentication. The encryption key should itself be encrypted within an ultra-secure Common Criteria EAL5+ secure microprocessor along with a PIN authenticated code.

As more businesses move toward a multi-cloud setup, security leaders should be looking to follow such recommendations to bring peace of mind to the enterprise and, ultimately, result in safer data.

Learn more about

Managing and encrypting data in the cloud

You may also like