Hosted data-at-rest encryption is vulnerable
For full protection there are two vulnerabilities that data-at-rest encryption needs to address. Hosted services only address the lesser of the two.
Encryption for data-at-rest provided by hosting services provides far less protection than you need. It really only protects against a nefarious person getting possession of the actual hard drive on which your data is stored. The chance of that is essentially zero. Your data is physically stored in large data centers with robust physical security. Have you ever read about a case of criminals breaking into such a place and making off with a handful of the hundreds of thousands of hard drives stored in the center? We haven’t either. So encrypting your data on such a drive provides very little of the protection you seek. The bigger threat to your data when hosted by these services is right through the virtual front door. Your data is accessed by public APIs to which the entire world has access. If a nefarious actor is to get your data it will be by getting past the authentication measures in your APIs. In that case, it doesn’t matter whether your data is encrypted at-rest or not. If the bad actors get through the APIs, the hosted service will assume it’s a legitimate request and decrypt the data for the API call. Having encryption provides no additional protection than none at all in this case. What you need is protection against nefarious actors getting access through your APIs, the highest vulnerability, and you don’t have that with encryption for data-at-rest supplied by hosting services. Go back |