Amazon EBS Encryption for Security and Compliance

iStock_000022579586Medium-300x2251Encryption has been a hot topic issue, especially in these last couple of months. The reason for is that due to the rise in cyberattacks and data leaks, there has been an overwhelming need for strong, powerful encryption of data stored across a multitude of devices. Often, in order to encrypt data on a server, workstation, hard drive, or a mobile device; you had to use a third party provider to encrypt and secure the data. Amazon realized the need for having built-in encryption and in 2014, released EBS Encryption for Amazon Web Services (AWS).

EBS Encryption provides simple encryption for EBS volumes, without having to build, secure, and maintain key management for encrypting each volume.  Elastic Block Store (ABS) is a persistent block level storage volume for Amazon EC2 instances, a core component of Amazon Web Services that allows users to rent virtual private computer servers to run applications. What EBS Encryption does is it allows users to create an encrypted EBS volume and then attach it to a supported instance type. Once that is done, data including data at rest in the volume, snapshots of the volume, and disk computing input/output (I/O) are all encrypted.

It is important to note that not all EC2 instances are eligible for EBS Encryption. Amazon has a list of supported instance types on their website, which include instance families such as General Purpose and Storage Optimized.

Benefits of EBS Encryption

Ease of Encryption for Security and Compliance

All businesses should have their data encrypted. It is IT best practice, and should be best practice for business in general, to encrypt and secure data. Each company has their own set of sensitive data that can include contact information of customers, financial information of clients, sensitive information such as social security numbers, and even exclusive vendor information. This data needs to be encrypted to protect against the data falling into the wrong hands.

For many companies, depending on what industry they are in, they need to have their data encrypted in order to remain in compliance with industry regulations. Previously, companies that had compliance requirements needed to utilize a third party service or program to encrypt their data in storage. With EBS Encryption, the data (in applicable instances) is automatically encrypted saving time and money on having to utilize a third party provider for encryption.

Secured, Redundant Storage with Availability Zones

In addition to providing companies with scalable and elastic data storage options, EBS storage instances also have business continuity built-in. Each EBS volume is replicated, automatically, within an Availability Zone of the end user’s choice. This protects company data from component failure and ensures high availability. So if one of Amazon Web Service’s data center goes offline momentarily, the data replicated in the Availability Zone becomes activated, keeping computing operations running smoothly. With EBS Encryption, not only is the data stored in the cloud server encrypted, but the data stored in the Availability Zones for fail over are also encrypted.

For more information on how you can protect your cloud data with EBS Encryption by Amazon Web Services, contract Privo IT today.

About the Author

Nick Underwood

Nick Underwood has over 15 years of experience supporting IT infrastructures for businesses across a broad range of industries.


    Get Your Project Started With a Free Consultation

    Get a Free Consultation