Though the cloud offers businesses the opportunity to meet their computing needs with greater scalability, flexibility and cost effectiveness than ever before, it also requires new approaches to data security.
Considering the potentially devastating costs of data loss, security of cloud services needs to be thought of as more than an IT initiative – it must be a business goal. These best practices can help companies better protect data and infrastructure in the cloud, as well as mitigate losses and costs should a breach occur.
1. Develop a holistic data protection strategy.
An end-to-end protection strategy first requires a detailed snapshot of your network. It is vital to thoroughly assess cloud providers and to understand what aspects of network security fall under their domain and where you are responsible. In building their networks, organizations must identify and address risks and weaknesses, and make ongoing monitoring and testing part of the protocol.
2. Define what’s important.
More than two-thirds of IT and security practitioners say their organizations fail to proactively assess what types of information are too sensitive to be stored in the cloud.[1] With an average of 25,180 computing devices – including laptops, tablets and smartphones – connected to company networks, IT leaders also say they lack visibility into what’s in the cloud. This can make it challenging to tell employees how to handle security, and even to decide which measures are optimal to employ. Defining the types of data in use and prescribing the appropriate measures for each type is an important step in data protection.
3. Close the loop.
Cloud infrastructure security is only as strong as its weakest link. From remembering to revoke access credentials from former employees to ensuring that encryption keys cannot be easily accessed and exploited externally, it’s important to identify points of access and close them.
4. Get top-level buy-in.
From tools to training, ongoing security is an investment. And yet many security leaders either do not know what percentage of IT budget is dedicated to security, or say the proportion of total budget is less than 10 percent. Board of directors involvement supports a more informed and relevant data security strategy (with necessary budget allocations). What’s more, research shows that when data loss does occur, the proactive establishment of a chief information security officer and board-level involvement in addressing the situation can mitigate costs.[2]
5. Monitor cloud activity and stay up to date on threats.
IaaS solutions typically include tools and dashboards which provide virtual, real-time network data such as session logs and access reports. Making ongoing, proactive monitoring part of the cloud security protocol can help organizations more quickly spot vulnerabilities and improve breach detection times. Incident analysis can help organizations better address future threats and improve security over time.
6. Don’t forget about training and ongoing enforcement.
Cloud security isn’t a matter of employing the right configuration and tools and forgetting about it; networks can be made vulnerable by the things employees do every day. Even the most robust security guidelines aren’t helpful if they live in a document and aren’t part of everyday procedures. From email rules to guidelines about specific types of data, it’s important that security policies are clearly communicated to all employees, and augmented with checkups and enforcement.
[1] Data Breach: The Cloud Multiplier Effect, Ponemon
[2] 2015 Cost of Data Breach Study (Global Data), Ponemon