What does Zero Trust mean? Well it’s nothing to do with conspiracy theories, if that is what you are thinking.
Cloud storage allows businesses to access their data from anywhere, allowing them to work from any location, with all their documents available to them. But how secure is that data? The answer is pretty secure, but there are weak points where your data would be susceptible to hackers.
Did you know that whichever provider you use for your cloud storage, they can access your data, and if requested to do so, can pass your data on to relevant authorities?
There are two types of encryption of your data, encryption at rest and encryption in transit, as explained below.
Encryption at rest
This is the encryption when your data is being stored with your cloud storage provider, your data will be encrypted, so requires a form of key to access it.
Encryption in transit
This is the encryption method when your data is being sent to or received from your cloud storage.
But there are weak points with all cloud storage providers, although the type of encryption used varies slightly between the providers, the important points are that while your data is in transit, the data itself is not encrypted, only the channel that it passes through. Your data is only encrypted when it reaches the cloud storage servers. This means that if a hacker decrypted the channel, then the data could be accessed.
The other weak spot is the encryption itself. To encrypt data, it needs a key to open it and these keys are stored by the cloud provider, often within the same environment as the encrypted data. A bit like locking your house door and hanging the key up next to it.
These keys are essentially like a password, you wouldn’t share the password for your online banking with anyone, but you are sharing the password to all your business data with a cloud provider.
But there is another way, and that is Zero Trust or Zero Knowledge.
This works, by encrypting your data before it is transferred to the cloud storage. It also does not store the key to access your data, the term being private encryption.
If you are the only one that knows the key or password to your data, then no-one can access it other than you. On the downside if you forget your password your data will be lost.
GET IN TOUCH
Most businesses will not require or feel the need to opt for Zero Trust encryption, but if you would like more information about our Zero Trust services, please call us on 01327 300311 or complete our short contact form.
Keba Computers – we put the IT in Quality.
I have used Keba for the last 10 years because I am dealing with friends not a business. I'm always happy with the service & solution provided and have no hesitation recommending them for anything IT. - Shaun Malin