Bring Your Own Encryption Is The Only Way To The Cloud


While still a relatively new model, bring your own encryption (BYOE) is gaining momentum in a cloud-dominated world built around the Always-On Enterprise and its need for more effective security. This approach has many benefits to organisations who implement the model.

In simple terms, BYOE provides companies with the ability to use their own encryption software and manage their own encryption keys on a cloud service. As the name suggests, it really is a case of bringing their own encryption to a cloud or service provider platform of their choice.

Traditionally, IT security has been stuck in the middle ground of providing protection with a minimal impact on the user experience. The practicality of tightening defences in the modern data centre to such an extreme that resources are as best protected as possible does not work in a world focused on ease of use, real-time access, and multiple devices.

More recently, there has been a move towards social engineering and attacking what is perceived to be the weakest point of any IT security system – the user. After all, you can have the best systems in the world, but if an employee leaves a password lying around or does not take care of a mobile device linked to highly sensitive corporate data, then there is little to be done.

BYOE Seeks To Change This

From a security perspective, BYOE significantly reduces the potential for data to be compromised in a data centre. Encryption has long been a preferred way of approaching protection on a file level and the same applies to those in a cloud or hosted environment.

As data access is limited to those with encryption keys, the level of user and device authentication is taken to a significantly more defensible level. This is especially important when it comes to compliance issues like data sovereignty as it will be encrypted wherever it is stored.

Another common concern for organisations adopting a hosted environment is what happens if they want to migrate data to a different provider. Fortunately, encryption makes this much easier than before. Even if residual data remains on the previous provider, it would be completely inaccessible without the correct key. This provides decision-makers with the peace of mind that company data will always be encrypted and locked during and after a migration. 

This combination of security and fulfilling regulatory requirements that will see BYOE being adopted by organisations looking at taking their cloud strategies to the next (and safer) level. And while there is a level of security required by companies differ, there is still a fundamental layer of protection that is necessary.

The enterprises who are serious about becoming truly Always-On need to find the best way to protect their data while still finding an effective way of giving relevant employees access to it. Even though it is still in its infancy, BYOE promises the security and flexibility required for the connected era.

Rick Vanover

Rick Vanover (MVP, vExpert, Cisco Champion) is the director of Technical Product Marketing & Evangelism for Veeam Software based in Columbus, Ohio. Rick’s IT experience includes system administration and IT management; with virtualisation being the central theme of his career recently.