How to secure your data stored in the cloud

November 27, 2013
4 min read
Advantages of cloud services

Companies use cloud computing and cloud storage increasingly more . As internet connection becomes faster nowadays, it’s easy to have your applications and files stored in the cloud. Use of a public cloud has many advantages, as follows:

  • Flexible capacity & no upfront investment
  • Avoding in house maintenance
  • Fast deployment
  • Global reach
  • Backup is not a task to worry about anymore
Precautions when choosing a cloud solution

However, there are precautions that need to be taken in consideration when choosing the right solution for cloud services. The most important elements you need to have in consideration are the following:

  • Security – Is your data encrypted when it’s stored? What is the level of encryption? Who has access to the encryption keys?
  • Reliability – Can you be certain that the service & data you are storing in the cloud will always be available?
  • Continuity – Can the cloud provider suspend or cancel your account, possibly even lose all your data, for any reason?
  • Copyright – Who owns the content you upload? Are you really facing the risk that your data be published or sold?
HIPAA compliance solution

Medical applications for US need to meet the HIPAA compliance. For this condition to be met, the first thing is that all patient data should be stored in a datacenter that is HIPAA compliant. One service that has such a certification is Amazon’s S3. Access to any Amazon EC2 is created upon a 2048-bit RSA key pair, although the file system is not encrypted. If you want bullet proof encryption on your instances you have to encrypt all your data using eCryptfs for filesystem stacked level encryption. For block device level encryption you can use dm-crypt + LUKS or Truecrypt. Another important thing is to keep your connection with clients secure by encrypting your connectivity with a SSL certificate.

Encrypting a block device

In this article I will try to do a short tutorial on how to encrypt using a block device level encryption on RedHat systems using LUKS.


You will first need to install cryptsetup utility, for setting up encrypted filesystems using Device Mapper and dm-crypt. This can be done using the following command:

Linux Unified Key Setup


You will first need to install cryptsetup utility, for setting up encrypted filesystems using Device Mapper and dm-crypt. This can be done using the following command:

  • # yum install cryptsetup-luks

Now we have to encrypt /dev/sdb for example, be careful, you will lose all your information that is stored on this disk.

  • # cryptsetup –y –v luksFormat /dev/sdb

Next we have initialized the volume and set the initial key / passphrase. Be sure that you note the passphrase or remember it because it is not recoverable.
The next command will map the encrypted drive.

  • # cryptsetup luksOpen /dev/sdb encrypteddrive

After the verification of passphrase you will see a mapping name /dev/mapper/encrypteddrive which was created with luksFormat.

  • # ls –l /dev/mapper/encrypteddrive

Also, you can see the status of encrypted disk by using:

  • # cryotsetup –v status encrypteddrive

Now you have to write zeros to /dev/mapper/encrypteddrive for your drive to be protected against disclosure of old data that were on disk before.

  • # pv -tpreb /dev/zero | dd of=/dev/mapper/encrypteddrive bs=128M

After this you can create a filesystem on the new drive, and mount it anywhere you want.

  • # mkfs.ext4 /dev/mapper/encrypteddrive
  • # mount /dev/mapper/encrypteddrive /mnt/newvolume

You can unmount and secure your data by using the following commands:

  • # umount /mnt/newvolume
  • # cryptsetup luksClose encrypteddrive

If you want to remount again you can do this using:

  • # cryptsetup luksOpen /dev/vdb encrypteddrive
  • # mount /dev/mapper/encrypteddrive /mnt/newvolume

LUKS is an open project hosted by google, the project page is: https://code.google.com/p/cryptsetup/. You will find there more documentation about this encryption tool.

Conclusion

Nowadays we all see the Cloud as a new open world full of opportunities but also concerns, which explains the growth in popularity of data encryption. A mature security solution is LUKS, that allows you to encrypt an entire system partition or hard drive. This means that all data that is storred in the cloud, including temporary files, will always be encypted, so if your data get stolen it will be unreadable without the encryption key.

Share on:

Want to stay on top of everything?

Get updates on industry developments and the software solutions we can now create for a smooth digital transformation.

* I read and understood the ASSIST Software website's terms of use and privacy policy.

Frequently Asked Questions

1. What is ASSIST Software's development process?  

The Software Development Life Cycle (SDLC) we employ defines the following stages for a software project. Our SDLC phases include planning, requirement gathering, product design, development, testing, deployment, and maintenance.

2. What software development methodology does ASSIST Software use?  

ASSIST Software primarily leverages Agile principles for flexibility and adaptability. This means we break down projects into smaller, manageable sprints, allowing continuous feedback and iteration throughout the development cycle. We also incorporate elements from other methodologies to increase efficiency as needed. For example, we use Scrum for project roles and collaboration, and Kanban boards to see workflow and manage tasks. As per the Waterfall approach, we emphasize precise planning and documentation during the initial stages.

3. I'm considering a custom application. Should I focus on a desktop, mobile or web app?  

We can offer software consultancy services to determine the type of software you need based on your specific requirements. Please explore what type of app development would suit your custom build product.   

  • A web application runs on a web browser and is accessible from any device with an internet connection. (e.g., online store, social media platform)   
  • Mobile app developers design applications mainly for smartphones and tablets, such as games and productivity tools. However, they can be extended to other devices, such as smartwatches.    
  • Desktop applications are installed directly on a computer (e.g., photo editing software, word processors).   
  • Enterprise software manages complex business functions within an organization (e.g., Customer Relationship Management (CRM), Enterprise Resource Planning (ERP)).

4. My software product is complex. Are you familiar with the Scaled Agile methodology?

We have been in the software engineering industry for 30 years. During this time, we have worked on bespoke software that needed creative thinking, innovation, and customized solutions. 

Scaled Agile refers to frameworks and practices that help large organizations adopt Agile methodologies. Traditional Agile is designed for small, self-organizing teams. Scaled Agile addresses the challenges of implementing Agile across multiple teams working on complex projects.  

SAFe provides a structured approach for aligning teams, coordinating work, and delivering value at scale. It focuses on collaboration, communication, and continuous delivery for optimal custom software development services. 

5. How do I choose the best collaboration model with ASSIST Software?  

We offer flexible models. Think about your project and see which models would be right for you.   

  • Dedicated Team: Ideal for complex, long-term projects requiring high continuity and collaboration.   
  • Team Augmentation: Perfect for short-term projects or existing teams needing additional expertise.   
  • Project-Based Model: Best for well-defined projects with clear deliverables and a fixed budget.   

Contact us to discuss the advantages and disadvantages of each model. 

ASSIST Software Team Members

See the past, present and future of tech through the eyes of an experienced Romanian custom software company. The ASSIST Insider newsletter highlights your path to digital transformation.

* I read and understood the ASSIST Software website's terms of use and privacy policy.

Follow us

© 2025 ASSIST Software. All rights reserved. Designed with love.