Story image

The five-step guide to securing data in the cloud - IDC

12 Nov 2018
Sponsored

Cloud adoption is now mainstream, and all types of cloud services ranging from on-premise private cloud (adopted by 44% of organisations), to hosted private cloud (adopted by 34% of organizations) to the three types of public cloud are seeing growth in adoption.

The key challenge is connecting the different cloud services into hybrid and multicloud environments and to put a comprehensive management, governance and security framework in place across the various clouds.

This is especially important with the implementation of privacy regulations such as GDPR imposing strict rules on the collection and use of personal data.

Market analysts IDC and cybersecurity solution provider Forcepoint have partnered to release a five-step guide on how to secure data when transitioning to the cloud:

1. Multicloud adoption: Exposing challenges for security architectures

Security is still seen as the biggest concern when organisations consider cloud services.

Increasingly, organisations are starting to view it as a benefit of using cloud services, as cloud providers are investing in security certifications, technologies, and staff to ensure secure operations.

Organisations need to be aware that they are always ultimately responsible for the data they store and process in the cloud, so they need to invest in security concepts for the cloud.

2. Cloud application visibility and control are key

Most of the time, security and compliance are derived from making the invisible visible.

If you don’t know which cloud services are being consumed in your organisation, you have no chance of ensuring consistent compliance across all cloud services.

When choosing the right partner for your cloud security journey, you want to make sure that you can choose which cloud services you want to block or actively manage and which services will be whitelisted/wide open/uncontrolled.

The best technology to apply is a Cloud Access Security Broker (CASB).

Forcepoint CASB monitors and controls uploads, downloads and sharing of sensitive data based on various criteria such as by destination, user or cloud app.

By acting as a proxy in this way, CASB provides an unobstructed view into operations involving both sanctioned and unsanctioned applications and devices as well as accessing users in order to better protect critical data wherever it lives.

3. GDPR implications with a cloud strategy

To be compliant with GDPR, cloud service users need to understand their own responsibilities in a shared liability model and ask themselves:

  • Do we know if we have personal data in the cloud?
  • Do we know where (in which country) this data resides?
  • Is the data protected from loss?
  • Can we delete the data if required?

46% of businesses are re-evaluating their cloud strategy for compliance in the wake of the implementation of GDPR.

4. Data management and data loss prevention in the cloud are essential

Tight management of data in the cloud has positive implications for general good practice in security.

It also contributes towards compliance with the EU’s General Data Protection Regulation (GDPR) relating to the privacy of personal data processing.

Best practices for securing data in the cloud:

  • Encrypt data at rest
  • Use a data loss prevention solution in the cloud
  • Deploy an identity and access management solution
  • Control access from different devices
  • Create/refine/assess general data and sensitive data retention policies in the cloud
  • Ensure that you have a backup and recovery mechanism to handle emergencies

5. Behavioural analytics for risk adaptive protection

After addressing visibility and data protection, the next key step is understanding your users and their behaviour in the cloud.

When users have access to multiple cloud services, you need to understand how they are interacting with the data and the cloud service.

IDC’s research shows that “not knowing what to look for” and “not knowing what normal looks like” are two of the top 3 challenges when investigating insider threats.

The use of User and Entity Behaviour Analytics (UEBA) can help to get to grips with these issues.

Forcepoint’s UEBA solution can help establish a baseline for “what is normal in my enterprise” and identify cases where this baseline is surpassed.

This behaviour can then, depending on context, be enabled, quarantined, or even blocked.

Forcepoint can help your business make a smooth, secure and successful transition to the cloud.

Find out how you can protect your data in the cloud here.

Microsoft urges organisations to tackle data blindspots
Despite significant focus placed on CX transformation, over a third of Australian organisations claimed that more than one in five of their projects failed.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Renesas develops 28nm MCU with virtualisation-assisted functions
The MCU features four 600 megahertz CPUs with a lock-step mechanism and a large 16 MB flash memory capacity.
DOCOMO ranked world's top mobile operator in 5G SEP applications
NTT DOCOMO has been ranked the world's leading mobile operator in terms of applications for candidate standard-essential patents.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.
Gartner’s top 10 data and analytics trends for 2019
Data is the fuel for the modern world, and analytics the engine. Gartner has compiled the top 10 trends to watch this year.
How CIOs can work with colleagues to drive new competitive advantages
"If recent history has taught us anything, it’s that the role of the CIO is always changing, and that it won’t stop changing anytime soon."