We can not deny that more and more companies are using cloud-based applications to store documents and files. The Sotware as a Service (SaaS acronym) has seen increasing demand for online applications and file storage.
One of the most common problems concerning security controls in the cloud, specifically: provable data integrity. The difficulty is to know if your files have been tampered with or compromised because, in general, they are held by a third party.
The cloud-based services create control issues and documentation:
- Companies no longer have complete control over the design and management of protection systems and possession of your files.
It is important to document the security, integrity and chain of custody of the records to prevent loss of relevant information.
That's why companies need to be completely sure of the confidentiality of their files before moving to use cloud services.
Some people believe that only encrypt the files is enough, but do not know that they are still vulnerables.para attackers do not need to break encryption algorithms to get the encrypted data. can achieve their goals more easily by exploiting web vulnerabilities or using social engineering to obtain end-user credentials and then use them to access confidential files.
Once an attacker obtains the credentials of a legitimate user can access, decode, change, re-encrypting and saving files. Server side file encryption not provide evidence that the files were handled.
The missing component for cloud security is a data protection service file integrity based on cryptographic timestamping. This technology allows enterprises and cloud service providers to seal and then validate files - that is, to generate unique fingerprints and time points for the files and then validating that a recovered copy is exactly the same as the version stored weeks, years or decades earlier.
When encryption protects the confidentiality of the files, cryptographic timestamping can prove its authenticity and integrity.