11 Ways to Protect Data in the Cloud

 
 
By Karen A. Frenkel  |  Posted 10-01-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    11 Ways to Protect Data in the Cloud
    Next

    11 Ways to Protect Data in the Cloud

    A plethora of security breaches and a recent ruling on protecting consumer data make data protection in the cloud more crucial than ever.
  • Previous
    Conduct a Cloud Business Risk Assessment
    Next

    Conduct a Cloud Business Risk Assessment

    The first step to make informed decisions about the risks and benefits of moving to the cloud is understanding the risk factors that can increase exposure to data theft and insider threats.
  • Previous
    Craft Service Level Agreements
    Next

    Craft Service Level Agreements

    To meet your security and regulatory compliance needs, protect your organization's reputation and liability from data loss (leakage) or abuse. So craft SLAs.
  • Previous
    Know How Security Management Roles Intersect
    Next

    Know How Security Management Roles Intersect

    Because control over software is now a purchased service, a process for making edits or updates to security systems or bug fixing can result in challenging business issues if there is a flaw. So map responsibilities for incident response.
  • Previous
    Require Validation of Security Controls
    Next

    Require Validation of Security Controls

    Working with a cloud provider who undergoes regular external security assessments can help you ensure ongoing compliance with agreed-upon data accessibility rules, data center controls and encryption standards.
  • Previous
    Review the Disaster Recovery Plan for the Cloud
    Next

    Review the Disaster Recovery Plan for the Cloud

    Mirrored data and architectural resilience are good fundamentals, but you should also require a real-world demonstration of how the restoration process would work in case of a disaster.
  • Previous
    Prioritize Identity Management
    Next

    Prioritize Identity Management

    Limit unauthorized access to data and applications to establish a sound data protection strategy.
  • Previous
    Understand Data Integrity for Critical Assets
    Next

    Understand Data Integrity for Critical Assets

    Virtually separating customer's data while using the same hardware and physical facilities can create compliance and privacy issues that clash with security standards. It helps to understand data integrity for critical assets.
  • Previous
    Develop a Data Lifecycle Management Process
    Next

    Develop a Data Lifecycle Management Process

    Establish clear data ownership, return and deletion requirements to avoid the risk of losing control of sensitive information. Although having a plan to destroy data in the cloud is critical for information assurance, it is rarely discussed before signing SLAs.
  • Previous
    Document Security Processes
    Next

    Document Security Processes

    Assign roles and responsibilities to ensure smooth and effective management of security controls and best practices.
  • Previous
    Strategize Your Incident Response
    Next

    Strategize Your Incident Response

    CIOs often focus on technology and forensics and don't plan their public affairs and communications responses. To avoid loss of customer trust, include a communications and marketing expert in your planning.
  • Previous
    Plan Your Exit Strategy
    Next

    Plan Your Exit Strategy

    To avoid business disruptions, cloud exit strategies should include technical planning for alternative data hosting, applications and holistic organizational change management strategy.
 

The recent avalanche of security breaches is forcing CIOs to establish new due diligence priorities to protect business data in the cloud. This is an especially timely issue, given the FTC's recent ruling, which affirmed its authority to bring action against businesses that fail to adequately protect consumer data. Traditional and familiar risk management frameworks for on-premise technologies have established processes, accreditations, certifications, governance and compliance rules, but documenting compliance with cyber-security safety standards is especially challenging when data is hosted in the cloud. The convergence of big data management, BYOD and other enterprise technology trends are only compounding the challenge. Maria Horton, CEO of EmeSec, a cyber-security company specializing in cloud security, offers the following recommendations and best practices for cyber-insurance considerations and data protection in enterprise cloud environments.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...