2021 Call for Code Awards: Live from New York, with SNL’s Colin Jost! Learn more

Multicloud Encryption built for a Resilience

Abstract

As organisations move to embrace Cloud services, their reliance on security and resilience is increasing. Security is becoming integrated through tight automation throughout the lifecycle of a system making security services business critical.

Encryption and key management is one of the most challenging areas to get right without interfering with the resilience and operation of systems. It is also too easy to define a solution that does not protect the data or specify components that do not integrate. In the worst case, the data being protected can be irretrievably lost or cause severe interruption to the operation of a business.

The effective implementation of encryption to protect sensitive data needs to be better understood to meet GDPR and HIPAA requirements. This presentation starts with discussing the risks driving the protection of sensitive data using encryption and a proposed strategy for use of data-at-rest encryption.

The core components and standards of an encryption and key management solution are then discussed with experiences of developing architecture patterns to meet security, resilience and operational requirements. A solution for a global hybrid multicloud environment, based on a client solution, will be discussed with the architecture decisions made supporting ongoing security, resilience and operation of the service. The key constraints that influenced the design will be discussed.

The session should leave attendees with an appreciation of the challenge with integrating encryption and key management into an enterprise and the architecture decisions to avoid enabling a solution that maintains the resilience of an organisation.

Speaker Bio

BIO – Mark is a Security Architect within the Cloud Engagement Hub helping clients integrate security into their journey to build a hybrid cloud. He has gained extensive experience, in the past 27 years, designing and implementing security solutions for hundreds of organisations globally. Data protection of sensitive and confidential data is a priority for many clients. His specialist expertise in the design and implementation of resilient encryption solutions, for financial services clients, is shared in this presentation.