CC&G Week 8 Posting - Cloud Storage Security

 Cloud Storage Security

      Data security is an essential aspect of evaluating storage options. Administrators should evaluate data based on sensitivity, compliance, lifecycle, and visibility. Data sensitivity will determine who has access to the data due to its content. Compliance covers any storage rules or regulations that the data might fall under. Lifecycle examines when data needs to be active versus when it should be placed in cold storage, archived, or deleted. Visibility involves the tracking of data. 

    Obfuscation covers processes or methods to make data hard to read. This process is helpful when data is stolen in a breach. An example of obfuscation is encryption. Encryption takes data and mixes it up to make it unreadable. Once encrypted, it can only be decrypted with the correct key. Another example of obfuscation is tokenization. Tokenization serves as a placeholder for the original data during storage. Only the correct token can unlock the data. An example of this can be found in Indiana Jones and the Raiders of the Lost Ark. In the opening scene, Indiana looks to swap the idol for a bag of sand. The weight of the bag of sand was incorrect, and a giant stone came rolling after him. Yes, he did manage to escape the temple with the idol, but it was taken from him by Belloq. So, no token = no data.