Report Encryption in the cloud from Microsoft Azure and Amazon Web Services

In this report, you will read about the research we conducted with it-consultant Xebia on data encryption in the cloud. We focused on the US cloud vendors that SURFcumulus users deploy the most: Amazon Web Services and Microsoft Azure.

Secure international data transfer

In higher education and research, the use of cloud computing is growing. This raises privacy concerns when data is processed by non-European cloud suppliers. Together with Xebia, SURF researched the possibilities of encryption.We focused on the most widely used American cloud suppliers in Dutch higher education and research: Amazon Web Services (AWS) and Microsoft Azure.

Read about technical measures to reduce privacy risks of international data transfers, with a focus on data encryption and key management, in the report we wrote about this.

Optimal control over keys

You can read about some recommendations in the report. For optimal control over keys, use:

customer managed keys (CMKs) in Azure and AWS
Premium service tier of Azure Key Vault with HSM-backed keys (specific to Azure).

More information

The study on encryption is only one part of information security; we want to investigate further information security in the cloud. Thinking along? We'd love to hear what's important to you!