Most organizations struggle to control the exploding numbers of machine identities that they rely on for secure connections and communications. This is further complicated, as organizations embrace digital transformation, where they may be tempted to turn over the responsibility of managing encryption keys to cloud providers. While this may prove to be efficient, it is not the most strategic choice for an organization’s security posture. Nowhere is tight control of encryption keys more important than in highly regulated environments, such as financial services and healthcare.
Microsoft has now recognized the need for enterprises to maintain control of their own risk profiles for encryption in the cloud. Last week, Microsoft launched the public preview of a new security feature for Microsoft 365—double key encryption. Double key encryption enables enterprises to protect highly sensitive data while keeping full control of their encryption keys.
Microsoft explains how the double key encryption feature works to ZDnet, "It uses two keys to protect your data - one key in your control, and a second key is stored securely in Microsoft Azure.”
Microsoft added, "Viewing data protected with double key encryption requires access to both keys. Since Microsoft can access only one of these keys, your protected data remains inaccessible to Microsoft, ensuring that you have full control over its privacy and security."
Pratik Savla, senior security engineer at Venafi notes, "When looking at the double key encryption, one is reminded of the famous two-man rule implemented in some form or variation by a lot of banks and certain other entities. While it isn’t an ideal decentralized client-side key management model where the customer is made as the only key custodian, double key encryption still decentralizes and overall manages to impact (primarily) the security principles of access control and accountability in a relatively positive way.”
Double key encryption can play to your advantage in at least two possible scenarios, as reported in ZDnet. It can safeguard sensitive intellectual property and it can ensure confidentiality in highly regulated environments.
- Safeguarding sensitive intellectual property. If your organization has proprietary information that you’d like to move into the cloud, then using the Cloud provider’s key to encrypt that data won’t adequately protect it. You may still be concerned that your cloud provider may grant third-party access to the data or have an operator that may inadvertently decrypt sensitive information. With double key encryption, you could encrypt your sensitive content with your own key, and then proceed to re-encrypt it with your cloud provider's key.
- Ensuring confidentiality highly regulated environments. Your organization (or government agency) may want to share confidential information with a contractor via a cloud platform. However, your organization’s data policies may require that certain information remains opaque to third parties. In that case, you would use double key encryption to encrypt your information before sharing it with a third party over a cloud platform. It’s an effective way to guarantee that the cloud provider doesn’t have access to the content—only the intended recipients do.
But even though the move towards double key encryption can help in minimizing the risk of exploitation of a compromised key or at the very least make it frustratingly difficult for an attacker to do such, it still doesn’t necessarily alleviate the concern of key exposure. “Cryptographic keys have always been a significant security Achilles heel for a lot of companies who either are cloud-based or are strongly preparing to become one. There are still both known and unknown threats that can result in a key being compromised,” warns Savla.
Savla continues, “Even with improved risk awareness these days, one sees many instances where enterprises might not even know that their key(s) has been compromised until much later, which makes a number of threats still very real and relevant. One may only consider encryption as a fail-safe mechanism as long as decryption is not possible."
Either way, you still have to be sure that you protect all of your private keys. Do you know where all of your organization’s private keys are and who’s using them? Learn more about machine identity management.