Six Ways To Stay Safe In The Cloud
1. Divide and Conquer
With Cloud computing, your data and applications don’t need to reside in the same location, says the Cloud Security Alliance. By hosting our application and data in your own data centre, while still outsourcing a portion of its functionality to the Cloud, you can help make life considerably more difficult for the bad guys.
2. Secure Your Code
Hackers are constantly looking for ways to compromise your applications, according to managed security provider Alertlogic. Code that has not been properly tested to ensure that it is secure makes it easier for hackers to do harm, so the company recommends ensuring security as part of your software development lifecycle.
3. Maintain Continuous Visibility
Companies need to have 100% continuous visibility into their technology assets and services, says security platform provider CloudPassage CTO Amrit Williams in this Information Week article. You can’t secure what you can’t see, he says, so know what you’ve got and what it’s doing at all times. Once you understand what’s going on with your infrastructure, applications, data, and users, you can begin to understand how to limit your attack surface and better prevent or mitigate attacks, he adds.
4. Know Who Is Responsible For What
Most users of Cloud-based services wrongly assume that the service provider is responsible for managing the data, access, and usage of their service, says Yair Grindlinger, cofounder and CEO of policy based Cloud application control company FireLayers in this Forbes article.
In fact, Cloud service providers are charged with ensuring that their application and IT infrastructure is secure and in working order. It’s your obligation to manage passwords, protect against identity fraud, prevent loss or theft of devices, encrypt sensitive data, provide access to devices via secure networks, and a host of other risk mitigation activities, he warns.
5. Beware Of Shadow IT
Businesses are evolving quickly and, via shadow IT, internal business units and operating groups are often bypassing IT and IT security controls altogether in order to get things done, according to Cloud encryption company Vormetric.
While shadow IT might speed things up from a business point of view, it can open the door to significant security vulnerabilities. Keeping stock of, and stamping down on, shadow IT endeavors is vital.
6. Create A Data Security Governance Program.
By 2018, the need to prevent data breaches from public Clouds will drive 20 percent of organisations to develop data security governance programmes, predicts information technology research and advisory company Gartner. In its published forecast, the security expert recommends that you develop an enterprise-wide data security governance programme in which you identify data security policy gaps, develop a roadmap to address the issues, and seek cyberinsurance when appropriate.
All Posts In This Series: