Brent Hansen, federal chief technology officer and director of sales engineering for cloud protection and licensing activity at Thales, has said government agencies and industry should collaborate to come up with strategies designed to protect data in the cloud or in data centers.
“In ‘as-a-service’ environments, agencies should run encrypted workloads and keep their encryption keys in an on-premises data center where they can protect those keys using the FIPS 140-2 boundary key appliance,” Hansen wrote.
“That way, agencies can supply encryption keys to their cloud providers and revoke them if necessary,” he added.
He called on agencies to encrypt data from the moment of its creation by working with vendors that can integrate platform-as-a-service offerings into their software.
Hansen said the cloud’s agile environment provides agencies an opportunity to modernize their data security approach as they update their applications. He also cited the role of agencies in ensuring the security of their data in the cloud.