Implementation of Cloud Services in a Business Environment
      
      
      
      
7.5.3 Break-Glass Procedures

Break-glass procedures are used in emergency situations. They enable authorized users to bypass certain security controls and protocols. Such a procedure is followed by an alarm and is only used as an initial step towards limiting damage (Sitaram & Manjunath, 2011, p. 310).
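A sketch of the properties described above (authorized users only, every use raises an alarm), added here as an example and not taken from the cited source. The user list, the mandatory reason, the 15-minute expiry and the audit record are assumptions of this sketch.

```python
import time

# Hypothetical policy values for this sketch (not from the source text).
AUTHORIZED = {"alice", "bob"}      # users allowed to break glass
GRANT_SECONDS = 15 * 60            # emergency access expires on its own


class BreakGlass:
    def __init__(self, alarm, clock=time.time):
        self.alarm = alarm          # callable that notifies the security team
        self.clock = clock          # injectable clock, so expiry can be tested
        self.grants = {}            # user -> expiry timestamp
        self.audit = []             # record kept for post-incident review

    def request(self, user, reason):
        """Grant a time-limited bypass; no alarm means no access."""
        now = self.clock()
        if user not in AUTHORIZED or not reason.strip():
            self.audit.append((now, user, "DENIED", reason))
            self.alarm(f"break-glass DENIED for {user!r}")
            return False
        # Raise the alarm before granting: if it throws, no grant is stored.
        self.alarm(f"break-glass GRANTED to {user!r}: {reason}")
        self.grants[user] = now + GRANT_SECONDS
        self.audit.append((now, user, "GRANTED", reason))
        return True

    def may_bypass(self, user):
        """True only while an unexpired emergency grant exists."""
        expiry = self.grants.get(user)
        if expiry is None or self.clock() >= expiry:
            self.grants.pop(user, None)   # drop stale grants
            return False
        return True
```

The normal access-control path would consult `may_bypass` only after its regular checks have refused the request, so the bypass never becomes the default route.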
      
      
7.6 Cloud Encryption & Data Security
      
      
Data in the cloud is subject to the same data protection requirements as any other data. Schweighofer (2013) notes that data protection and security are an especially important topic in the business field of Intellectual Property, because inventions are only worth protecting as long as they remain new (no public disclosure).
      
      
There are numerous factors that need to be considered as soon as data is transferred into the cloud (Cloud Security Alliance, 2011, pp. 129-130):
      
      
        
      
      
- A secure transfer channel is just the tip of the iceberg. Encrypting the data during transfer into the cloud does not ensure that it is protected in the cloud as well. Hence, as soon as the data reaches the cloud, it should be protected both during access and at rest.

- Unstructured files (e.g. bulk transfers) must be secure when stored or shared in the cloud. One way to achieve this is to use data-centric encryption, or encryption embedded into the file format itself.

- All encryption and decryption keys should be known for the entire lifecycle of the data. Avoiding any shift of responsibility for the management of these keys is recommended.