In our articles on the paradox of trust in cloud platforms and on securely managing encryption keys, we noted that in some situations encryption keys should not be stored with the cloud provider. Such situations, albeit rare, do occur. Moreover, when they do, they usually involve a very serious problem or important data.
In this article, we will look at 3 scenarios where keys need to be stored outside the cloud, despite all the benefits of the cloud.
Scenario 1: Data that is best not stored in the cloud
, . , . , . PCI DSS. , FIPS 140-2 ( 3).
Scenario 2
. , , . , . (, ), ( ). , Hold Your Own Key (HYOK).
, . , , , , , , / . (, TISAX ), , , . , , ( ).
, " , , . , Google Cloud . , , . ".
, Google Cloud .
Scenario 3
. . Gartner, , , .
Google Cloud EKM (External Key Manager) (Ionic, Fortanix, Thales . .), .