A cloud lockbox to keep data secure
- By Amanda Ziadeh
- May 29, 2015
Survey after survey of IT managers cites security as a major concern in moving data to the cloud. An insider with cloud administrative access can leak information, steal personal identifying information or manipulate computations. Any scenario can be disastrous for a government agency.
Those concerns could soon be allayed by Verifiable Confidential Cloud Computing. A Microsoft security initiative, VC3 protects cloud-stored data, even when it is used in calculations or other transactions.
VC3 keeps cloud data secure from unauthorized viewers with a lockbox-like storage method where data can only be uncovered within the safety net of the VC3 hardware. Data in the VC3 cloud is decrypted, processed and re-encrypted, where it will remain fully secure from malicious actors or hackers. VC3 also ensures that no one can access the system during calculations, even those working at the cloud service provider, Microsoft wrote in its blog.
Once all transactions are finished, the data is encrypted again and moved back to the secure hardware storage.
According to the research paper, VC3 allows users to run distributed MapReduce computations in the cloud while keeping the code and data secret. It runs on unmodified Hadoop, but “crucially keeps Hadoop, the operating system and the hypervisor out of the [trusted computing base]; thus, confidentiality and integrity are preserved even if these large components are compromised.”
Microsoft Federal CTO Susie Adams told GCN in a recent interview that creating a "trusted cloud" was a key priority for Microsoft -- providing not just strong security, but real transparency about that security architecture.
"The way we managed data centers has been a continuous evolution, from the ground up," Adams said. "It's not just about how we actually meet the compliance regulations, whether it's FedRAMP, security controls... we also look at privacy control and transparency as core pillars of this."
Convincing government customers to move critical systems into the cloud demands that approach, she said: "It's not, 'Trust Microsoft -- here, buy a box of software and install it behind your firewall.' It's, 'Trust Microsoft, and I'm going to move my workload and my data into your data center.' There's a different kind of handshake there. "
Microsoft has built a similar customer lockbox into Microsoft Office 365, Adams said. That lockbock, which was released earlier this year, gives a customer explicit control in the event a Microsoft engineer needs to access customer content to solve a problem -- or if a third party seeks access for any reason.
Lockbox requires multiple levels of approval, assuring that a Microsoft engineer will not gain access to a client’s cloud if the layers of approval are not granted. "We will NOT look at customer data unless they OK it," Adams said. The system also allows for limited authorization that is logged and audited, with activity viewable to customers via Office 365 Management Activity logs.
The Office 365 Management Activity API, announced in April and available for a private preview this summer, also promises to boost security and compliance monitoring capabilities with visibility into user and admin transactions within Office 365. The application programming interface will track activity from SharePoint Online, Exchange Online and Azure Active Directory, with plans to expand to additional Office 365 services within the suite, Microsoft said in its announcement.
“This is huge for the federal space, the ability to look at activity logs and APIs,” Adams said, stressing that VC3, Lockbox and log tracking tools will help agencies deliver openness and transparency without compromising security or privacy.
"The way we manage data centers has been a continuous evolution, from the ground up," she said. "Really, 'trusted' is the big thing."
Amanda Ziadeh is a former reporter/producer for GCN.