
212 ◾ Information Security Management Handbook
Further, for the provider to enforce data segregation between each subscriber, separate keys
should be used. When separate keys are used for each subscriber, the provider could provide a
copy of the keys to each subscriber as part of its data backup and recovery services. For exam-
ple, if the provider keeps the encrypted backup copies of each subscriber in escrow, then in
the event that the provider goes out of business, the subscriber can recover its encrypted data.
Cloud Subprovider
Consider when a cloud provider outsources some or all of its services to another provider as shown
in Figure 16.6 ...