Encryption management and HCI
Hyperconvergence is becoming more widely accepted in government IT infrastructure, with agencies like the Department of State and the Government Accountability Office moving to the solution.
A hyperconverged infrastructure (HCI) enables organizations to scale IT in the cloud while maintaining the performance, reliability and availability of an on-premises data center. It combines storage, compute, networking and a hypervisor into a single solution for a fully functional data center. But it’s not without its particular set of problems – for example, ensuring that sensitive data is properly encrypted and encryption keys are appropriately managed.
As organizations migrate to this new architecture, they often use native HCI security to protect their sensitive data-at-rest. Federal agencies, however, often require additional security to ensure that their sensitive data is properly protected. With regulations requiring compliance with the Federal Risk and Authorization Management Program and the Federal Information Security Management Act, combined with the high cost of data breaches, the pressure to protect sensitive data has never been greater.
Let’s take a closer look at some considerations for organizations managing their valuable data-at-rest in a hyperconverged infrastructure.
External key management
An external key manager offers several benefits to agencies managing data natively in a hyperconverged IT infrastructure. External key management ensures appropriate data controls as well as data and key lifecycle management, while facilitating audit and compliance requirements.
External key managers can also help organizations streamline audit reporting, providing signed, validated log information on both key management and key consumption – that is, who accessed the key, the event time and the success or failure of the operation.
What’s more, these tools also can define permissions for key administrators and key consumers, ensuring appropriate data access through separation-of-duties requirements used by HIPAA, FedRAMP, the Department of Defense's Security Requirements Guide and others.
Encryption key management should incorporate some level of centralized policy and control. It’s not as simple as creating the key, encrypting the data and forgetting about it. A key lifecycle management strategy should also enable functions such as:
- Key generation
- Key retirement
- Determination of key activation or de-activation
- Key rotation (to ensure the periodic update of key content)
- Destruction (when required)
Hardware or virtual management? Compliance implications
Compliance with Federal Information Processing Standard 140-2 requires organizations stop using encryption algorithms deemed unsafe and deploy tamper-proof appliances. Appropriate key management must allow organizations to set best practices to ensure proper algorithm usage.
For organizations that require more than just the disabling of unsafe encryption key algorithms (that is, almost all federal agencies), external key managers have two additional levels of security: storing keys in hardware where any tampering is readily evident and providing tamper-resistant key storage. External key managers can also integrate with hardware security modules for a higher level FIPS certification.
When selecting an appropriate key management platform, agencies can opt for either a hardware appliance or a hardened virtual security appliance. There are benefits to both, but virtual appliances also enable organizations to scale key management at remote facilities or in cloud infrastructures, such as VMware. This can eliminate the cost of additional rack space.
With the growth of cloud-based IT infrastructures, key management must work with a variety of encryption products as well as self-encrypting drives, tape archives, storage-area networks and the growing list of vendors supporting the OASIS Key Management Interoperability Protocol standard.
Multiple key types must be addressed in a key management strategy to centrally manage both symmetric and asymmetric keys, secret data such as passwords, certificates as well as policies associated with those certificates. That’s a complex collection of requirements, and it demands a simplified management of encryption keys across the entire lifecycle for secure key generation, storage and backup, key distribution, deactivation and deletion.
Unified key management across multiple encryption deployments and products can ensure that administrators have restricted roles for their scope of responsibilities. A virtual key management approach can securely store encryption keys for diverse encryption solutions, including virtual machine encryption, as well as both traditional storage and hyperconverged solutions.
Today’s hyperconverged networks demand a comprehensive range of encryption solutions to secure data-at-rest and data-in-motion across organizations. With the proper strategy in place, organizations can address a wide range of challenges, from simply encrypting data that stays at rest to ensuring that only encrypted text information is ever transmitted across the network and outside the organization.