Accessing cloud-based resources, whether they be IaaS/PaaS/SaaS-based, is very convenient. With a browser and Internet connection, you are up and running. No driving to your work office, no need to log into the corporate network. Just open up your web browser and go. This convenience, however, comes with a security risk. All of your business work is conducted over an insecure communication network. Unlike your office network, where the network link between you and the data center is under corporate control and is physically secure, the cloud access link is over the Internet. The wild, uncontrolled, used-by-everyone-in-the-world Internet. There are no guarantees about who else has (or does not have) access to your network communication link. In fact, from a security perspective, we assume that the cloud link (i.e., the Internet) is unsecured and hostile. Any sensitive or private information WILL be accessed by someone else. This is why we have a need to protect “data in flight.” The data may be safe once it gets to the cloud provider, but during the transmission we need to protect it and ensure it remains private. To ensure secure communication across the Internet, a key fundamental cloud security principle is to encrypt the data transmission whenever you engage with a cloud resource. In this blog we introduce the security concept of protecting “data in flight” and explain how it operates.
Read more