10 Tips for Taking Back Control of Your Data

10 Tips for Taking Back Control of Your Data

Ask About Your Network DesignAsk About Your Network Design

Ask the cloud providers and developers who will configure your virtual networks on cloud platforms and how the network is designed. Gain assurance that your data isn’t just thrown into the cloud.

Learn About Cloud Data EncryptionLearn About Cloud Data Encryption

Get familiar with data-centric security tools that work in and outside the enterprise walls, in particular, cloud data encryption.

Key OwnershipKey Ownership

When it comes to encryption of data at rest in a cloud environment, pay attention to who owns the keys and where those keys reside.

Policy Across Cloud ServicesPolicy Across Cloud Services

Develop a security platform that allows the enterprise to implement a consistent policy across multiple cloud services, preferably one that does not involve complex key management.

Data In-UseData In-Use

Data in-use is, effectively, the data that has been loaded into a process and is in the memory of the program that is running. They’re in the clear while being processed and not protected by in-cloud based encryption that the cloud service provider uses. Make sure you own the entire encryption process of this data.

Tokenization for Protecting Cloud DataTokenization for Protecting Cloud Data

Consider tokenization as a means of protecting cloud data. Although it’s in the news mostly as a way to protect payment-related data, such as Apple Pay, large enterprises use tokenization more broadly to secure all sorts of data in the cloud.

Control Mobile Data FlowControl Mobile Data Flow

Data flows will bypass desktops and be processed and stored exclusively on mobile devices such as tablets and phones, so take control of mobile data flow.

Preserve Cloud Application FunctionalityPreserve Cloud Application Functionality

When choosing a cloud security solution, be sure to select one that takes full advantage of cloud SaaS functionality without compromising user functionality and still maintaining the strongest possible security and data control.

Check Out Legal and Regulatory RequirementsCheck Out Legal and Regulatory Requirements

Understand what legal and regulatory data compliance requirements there are for the types of data being stored in the cloud. Ask who is responsible for ensuring that legal and regulatory data compliance and privacy laws are addressed.

Examine Contracts and Data-Sharing MethodsExamine Contracts and Data-Sharing Methods

Look at your business contracts, the method of sharing data with your business customers, and consider the types of information exchanged. Sensitive information and intellectual property may require certain treatment. Industries, such as banking and health care, have specific legal and regulatory restrictions and protections.

Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Latest Articles