Why Data Security in the Cloud Needs to Evolve

Home > Blog > Why Data Security in the Cloud Needs to Evolve

If you’re reading this, it’s a safe bet that your organization has made the leap to the cloud, including migrating sensitive data, critical applications, and core infrastructure. And, as you’re likely starting to realize, this shift comes with a new focus on cloud data security.

While all of that is true, there's a new challenge on the horizon—one that most organizations aren't fully prepared for: post-quantum threats.

Quantum computing is no longer science fiction [source]. It's advancing fast, and when it reaches maturity, it will shatter many of the cryptographic systems that make up the backbone of today's data security in the cloud. While that moment hasn’t arrived quite yet, we’re in a race against time to protect sensitive data before it’s too late.

In this blog, we explore why organizations must act now to evolve their data security cloud computing strategies. We'll cover:

The risk quantum computing poses to data security in cloud computing
Why current encryption standards fall short in a quantum world
Steps security leaders can take to future-proof cloud computing and data security
Real-world technologies like tokenization that help mitigate long-term risks

Let’s unpack what’s changing—and how to stay ahead.

The Risk Quantum Computing Poses to Cloud Data Security

The architecture for most cloud computing data security strategies today is built on classical cryptography. Protocols like RSA, ECC, and AES are designed to be hard for conventional computers to break. The problem? Quantum computers are anything but conventional.

These powerful machines can use algorithms like Shor’s to solve mathematical problems exponentially faster than today’s computers. For hackers, that includes the problems at the core of today’s encrypted cloud workloads, communications, and authentication.

The potential consequences are wide-ranging. If quantum computers can break public-key encryption, everything from secure email to VPN tunnels to encrypted backups becomes vulnerable.

Not only that, but there’s a catch: attackers don’t need to decrypt your data today—they can harvest it now and decrypt it later when quantum machines are ready. This “harvest now, decrypt later” threat model is what makes data security on cloud computing infrastructure such a pressing issue.

Cloud Environments Multiply the Risk

The cloud’s flexibility is what makes it powerful for so many organizations. But its flexibility also creates multiple layers of complexity. In the cloud, your sensitive data is likely:

Moving constantly between services and platforms
Distributed across multiple cloud regions and providers
Touched by APIs, serverless functions, and third-party tools

Each of these touchpoints is a new opportunity for exposure. And introducing AI to the mix creates even bigger challenges [source]. The hard reality is that if your data security on the cloud is only focused on today’s threats, not tomorrow’s, it could already be vulnerable.

Why Traditional Encryption Can’t Keep Up

It’s tough not to sound like an alarmist, but the truth is that aging crypto standards are essentially a ticking time bomb. Today, businesses rely heavily on symmetric and asymmetric encryption to secure their data in the cloud. But RSA, ECC, and even AES with short key lengths are all vulnerable to quantum attacks. To illustrate:

RSA-2048 encryption can be broken in hours by a sufficiently powerful quantum computer.
TLS sessions could be retroactively decrypted if intercepted and stored today.
Encrypted archives—like healthcare records or financial statements—could be compromised years down the road.

All of this is precisely why the conversation about data security in cloud systems needs to shift. It’s no longer just about being strong enough for today. It’s about future-proofing.

Another challenge is that most compliance standards—PCI DSS, HIPAA, GDPR, and so on—were written before quantum computing became a practical threat. As quantum computing evolves, these standards will be updated, meaning organizations that haven’t laid the groundwork for post-quantum readiness will find themselves scrambling to maintain compliance. This will ultimately put operations and your organization’s reputation at risk.

How to Future-Proof Data Security in Cloud Computing

To address the looming quantum threat, only a multi-layered strategy specifically addressing data security for cloud computing will help. This involves:

Preparing for cryptographic transitions
Rethinking how and where data is protected
Investing in technologies that reduce future exposure

Let’s explore some specific steps you can take right now.

1. Adopt post-quantum cryptography (PQC). This is a widely recommended approach by NIST, ENISA, and other cybersecurity authorities. Organizations are urged to begin evaluating PQC to protect against future quantum threats. NIST calls this process "crypto agility" and recommends beginning migration planning now [source].

While this may sound straightforward on paper, PQC migration isn’t plug-and-play. It requires changes to your:

Key management systems
Application and infrastructure dependencies
Performance and latency testing

The ideal situation for enterprises is to roll out new cryptographic algorithms without rewriting code. This creates the agility needed to stay ahead of changes in cloud computing and data security.

2. Implement Zero Trust Architecture. Assume nothing is safe until it’s been verified. Zero Trust means what it says: trust no one and nothing by default, no matter where they’re connecting from. Access should only be given after confirming identity, checking the device’s status, and confirming the request makes sense based on real-time context.

Some core Zero Trust principles include:

Always verify: Every time someone tries to access a system, their identity and permissions are checked (not just once).
Adapt to risk: Access policies should change dynamically based on factors such as location, behavior, or device health.
Allow temporary access Utilize short-lived credentials that can be instantly revoked if something seems off.

3. Use tokenization to minimize your risk. Data tokenization is a quantum-resilient way to secure sensitive information and reduce risk in cloud environments. Instead of encrypting data, tokenization replaces it with non-sensitive equivalents (tokens) that can’t be mathematically reversed. This means that tokenized data won’t be useful to attackers even if quantum computers advance.

For example, you could tokenize credit card numbers or patient IDs before storing them in your multi-cloud environment. The original data remains secure on-premises or in a secure enclave, while the token travels through your cloud infrastructure.

Tokenization also plays a huge role in supporting data residency and compliance mandates by keeping sensitive data local and non-sensitive tokens in the cloud.

Secure the Cloud with Tomorrow in Mind

The cloud has transformed how we store, access, and manage information, but with these great new powers come crucial new responsibilities. And with the quantum computing era on the horizon, the stakes are only getting higher.

To win, data security in the cloud must evolve in several ways:

Traditional encryption won’t hold up in a quantum world
Regulatory standards will undoubtedly shift to require post-quantum readiness
PQC, tokenization, and Zero Trust architecture are no longer optional—they’re foundational

The good news? There are steps you can take today to reduce long-term risk. Fortanix offers a unique and unified approach to data security cloud computing, built from the ground up for agility, compliance, and quantum resilience.

Ready to explore how Fortanix can help secure your data—today and tomorrow? Request a demo to get started with crypto-agile cloud data security.