No administrator access to keys
Keys never published in plaintext
Separate authentication for access to key management functions
Measures to protect temporary stored keys
Secure key archiving and replication
In addition, the Cloud provider must ensure that its employees do not abuse
their privileges and that they treat customers' information as confidential.
The Cloud provider's users and administrators should possess only those
privileges which are necessary to perform their job (Least Privilege Model),
and critical administration activities should be conducted in accordance with
the principle of dual control.
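One way to enforce the least-privilege and dual-control requirements above for key management functions, as an added example that is not part of the original document. The role names, action names and users are hypothetical.

```python
from __future__ import annotations
from dataclasses import dataclass

# Hypothetical roles for illustration. Least privilege: each role carries only
# the permissions its job needs; platform administrators hold no key permissions.
ROLE_PERMISSIONS = {
    "platform_admin": {"vm.restart", "vm.migrate"},
    "key_custodian": {"key.rotate", "key.delete", "key.archive"},
    "auditor": {"log.read"},
}

# Critical administration activities that require dual control (assumed set).
DUAL_CONTROL_ACTIONS = {"key.delete", "key.archive"}


@dataclass(frozen=True)
class User:
    name: str
    role: str


def permitted(user: User, action: str) -> bool:
    """True if the user's role grants the action; unknown roles grant nothing."""
    return action in ROLE_PERMISSIONS.get(user.role, set())


def authorize(requester: User, action: str, approvers: list[User]) -> tuple[bool, str]:
    """Return (allowed, reason) for an administrative action."""
    if not permitted(requester, action):
        return False, f"{requester.name} ({requester.role}) lacks {action}"
    if action not in DUAL_CONTROL_ACTIONS:
        return True, "single authorised operator is sufficient"
    # Dual control: a second, different person who also holds the privilege.
    # Self-approval and approvers without the permission do not count.
    second = [a.name for a in approvers
              if a.name != requester.name and permitted(a, action)]
    if not second:
        return False, "dual control: no second authorised person approved"
    return True, f"approved by {second[0]}"


if __name__ == "__main__":
    bob, carol = User("bob", "key_custodian"), User("carol", "key_custodian")
    alice = User("alice", "platform_admin")
    print(authorize(alice, "key.delete", [bob]))   # administrator has no key access
    print(authorize(bob, "key.delete", [bob]))     # self-approval rejected
    print(authorize(bob, "key.delete", [carol]))   # two custodians: allowed
```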
Secure data archiving
The logical or physical segregation of customer data also applies to data
archiving, which must also be encrypted. In addition, exception processes
must be implemented so that data searches and extraction, for example for
forensics, can fulfil regulatory compliance requirements at all times. These
actions should be initiated by the customers.
Secure data deletion/erasure
Whether required by law or simply to satisfy Cloud users when they switch
providers, the permanent deletion of data in the Cloud is very important in
many cases. The data must be properly deleted from all storage media,
including archive storage, so that subsequent virtual machines cannot
access the data residing on the medium. If this data was encrypted, not
only the actual data but also the encryption keys must be deleted. A secure
deletion process should be used for this purpose. Current practices include
multiple data overwrites and the physical destruction of hard disks.
In addition, it is important to ensure that the Cloud provider has a solid
security architecture and secure multi-tenancy at all infrastructure levels
(virtualisation, network, platform, application and data). For the
effective protection of the Cloud infrastructure, all aspects of data
authenticity, integrity, accessibility and confidentiality must be covered,
meaning that physical (computer centre), virtualisation, network, application,
platform and data security must be understood and scrutinised fully.
In addition, it must be ensured that the Cloud provider works according to
ISO 27001 as well as a defined procedure model for managing IT processes,