The Case for Bringing Your Own Encryption to Microsoft's Cloud -- Redmond Channel Partner

The Case for Bringing Your Own Encryption to Microsoft's Cloud

The public cloud and third-party encryption offerings from Microsoft provide partners a key opportunity to do their customers a real service.

By Scott Bekker
December 04, 2014

One of the great benefits you bring to customers as a Microsoft partner comes when you can say, "Here's what Microsoft's marketing brochure says and, yeah, it's a great product. But here are the problems we need to overcome to make it really work."

The public cloud and third-party encryption offerings from Microsoft provide one of those opportunities to do customers a real service.

There are three serious issues with storing data unencrypted with Microsoft, or in relying on Microsoft's own encryption. (Most of these objections apply to other public cloud vendors, too.)

First, there's the issue of Microsoft deciding to look at the data because it can. Paranoid? No, the company has already done it. It has searched a French blogger's Hotmail account in September 2012 while seeking to prove that a Microsoft employee was leaking trade secrets. After court documents revealed the tactic this March, Microsoft made a show of putting internal controls in place. But the protections really boil down to Microsoft determining unilaterally that a court would theoretically grant the company permission.

If your customers encrypt their data and keep their own keys, neither Microsoft lawyers, nor rogue Microsoft admins, can give in to temptation.

Next, the old argument goes that Microsoft and other big cloud providers are more competent at security than smaller hosters or customers could ever be. The theoretical caveat was that those juicy datacenters made a much, much more attractive target to the bad guys. Few observers were classing the U.S. National Security Agency (NSA) as one of those bad guys, but the Edward Snowden revelations show the NSA has been crawling all over the megavendors to get in their datacenters.

Even if you believe Microsoft's protestations that it didn't cooperate in the voluntary data handovers implied in the PRISM reports, there's MUSCULAR, which involved the NSA intercepting unencrypted communications among datacenters at Google and Yahoo. MUSCULAR frightened Microsoft (and the others) enough that it strengthened its internal encryption. But why leave it to the besieged megavendors to protect your data?

Finally, there's all those counterterrorism-related National Security Letters and the issue of the "blind subpoena," or the short-circuiting of the traditional legal discovery process that storing corporate data in a datacenter allows. The blind subpoena problem seems to be theoretical at this point. Still, if your customer data is encrypted and law enforcement wants the data, they'll have to ask your customer's lawyers for it like they did in the old days.

Having a partner to walk customers through the issues and, if warranted, help them encrypt their own data before turning it over to the Microsoft cloud is a benefit for customers and, really, helps keep Microsoft out of trouble, too. Are you considering encryption of public cloud data? Let me know at [email protected] or leave a comment below.

More Columns by Scott Bekker:

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Free Webcast! Learn about Password Management Best Practices

Featured

Copilot Front and Center at Microsoft Ignite 2024

Microsoft CEO Satya Nadella kicked off this year's Ignite conference with a keynote speech focused on the company's efforts to evolve Copilot.
2024-2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
Microsoft Extends AI Copyright Protections to Its Partners

Microsoft this week announced several new partner benefits meant to accelerate channel sales amid skyrocketing AI demand.
The 2024 Microsoft Product Roadmap

Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

The Case for Bringing Your Own Encryption to Microsoft's Cloud

Featured

Copilot Front and Center at Microsoft Ignite 2024

2024-2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Extends AI Copyright Protections to Its Partners

The 2024 Microsoft Product Roadmap

2024-2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

The 2024 Microsoft Product Roadmap

Copilot Front and Center at Microsoft Ignite 2024

Price Increases Coming to Power BI, Microsoft Teams Phone

Microsoft Extends AI Copyright Protections to Its Partners

2024-2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

The 2024 Microsoft Product Roadmap

Copilot Front and Center at Microsoft Ignite 2024

Price Increases Coming to Power BI, Microsoft Teams Phone

Microsoft Extends AI Copyright Protections to Its Partners

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Microsoft Ignite 2024: Top Announcements and Takeaways

Shutting Down Session Hijacking and Credential Theft

Back to School with Huntress Managed EDR

That Phishy Feeling: Learning to Spot Modern Phishing

FREE WHITE PAPERS FROM OUR SPONSORS

Your customers need cloud services

Ransomware and You: A Thinker's Guide to Comprehensive Ransomware Protection

Key Questions to Consider Before Selling Your Microsoft Practice

Ransomware & You