Permanent Data Loss Protection (Cope, Erl)

How can cloud consumers protect themselves from permanently losing their data?

Problem

Data can be permanently lost due to malicious attackers or from deletion by a cloud service provider, either through negligence or disaster. If encryption is being used on data and the encryption key is lost, the data is also lost.

Solution

A data retention policy is created and implemented as part of a security policy to mandate that backups of data and keys are created and maintained.

Application

Data is inventoried, and each item is assigned a sensitivity factor and a risk-of-loss factor. The data is encrypted and backed up in a location separate from the primary infrastructure, and the cloud consumer verifies that the cloud provider meets the data retention policy. A cryptographic key management system (CKMS) is implemented under the direct control of the data owner and is also backed up.

Permanent Data Loss Protection: The data retention policy, which normally meets a compliance requirement, requires an inventory of all sensitive data, the sensitivity level of the data, the risk of loss and backup schedules and forms (A). Backups of data and encryption keys are created according to policy, and backup copies are stored off-site and separate from the operational data so that risks of loss are mitigated (B). Periodic audits ensure compliance with policy (C).

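The periodic audit (C) can be run as a check over the inventory (A) and the backup and key records (B). The following is an added example, not part of the pattern as published: the record fields, the 1-3 rating scale, the backup-age schedule and all site and key names are assumptions made for illustration.

```python
from collections import namedtuple
from datetime import datetime, timedelta

# Assumed schedule (not from the pattern): sensitivity and risk of loss are
# each rated 1-3, and their product selects the maximum allowed backup age.
SCHEDULE = [(6, timedelta(days=1)), (3, timedelta(days=7)), (1, timedelta(days=30))]

# Inventory row (A); key_id None means the data is stored unencrypted.
Asset = namedtuple("Asset", "name sensitivity risk_of_loss site backup_site last_backup key_id")
# One entry in the data owner's CKMS (hypothetical record layout).
Key = namedtuple("Key", "owner_controlled site backup_site")

def max_age(a):
    score = a.sensitivity * a.risk_of_loss
    return next(age for floor, age in SCHEDULE if score >= floor)

def audit(assets, keys, now):
    """Periodic audit (C): return (asset, finding) for each policy gap."""
    out = []
    for a in assets:
        if a.backup_site is None or a.last_backup is None:
            out.append((a.name, "no backup"))
        elif a.backup_site == a.site:
            out.append((a.name, "backup stored with operational data"))
        elif now - a.last_backup > max_age(a):
            out.append((a.name, "backup older than schedule"))
        k = keys.get(a.key_id)
        if a.key_id is None:
            out.append((a.name, "not encrypted"))
        elif k is None:
            out.append((a.name, "key not in CKMS"))
        elif not k.owner_controlled:
            out.append((a.name, "key not under data owner's control"))
        elif k.backup_site in (None, k.site):
            out.append((a.name, "key backup missing or not separate"))
    return out

# Constructed sample inventory and key store.
NOW = datetime(2024, 6, 1)
KEYS = {"k1": Key(True, "cloud-a", "vault-b"), "k2": Key(True, "cloud-a", None)}
ASSETS = [
    Asset("billing-db", 3, 3, "cloud-a", "site-b", NOW - timedelta(hours=6), "k1"),
    Asset("hr-files", 3, 2, "cloud-a", "site-b", NOW - timedelta(days=3), "k2"),
    Asset("wiki", 1, 1, "cloud-a", "cloud-a", NOW - timedelta(days=2), None),
]
FINDINGS = audit(ASSETS, KEYS, NOW)
```

An encrypted asset whose key has no separate backup is reported even when the data backup itself is current, because losing that key loses the data.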