Inside the Briefcase

Augmented Reality Analytics: Transforming Data Visualization

Augmented Reality Analytics: Transforming Data Visualization

Tweet Augmented reality is transforming how data is visualized...

ITBriefcase.net Membership!

ITBriefcase.net Membership!

Tweet Register as an ITBriefcase.net member to unlock exclusive...

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

Don’t Get Lost in the Cloud: 10 Tips for Controlling Cloud Data

May 13, 2015 No Comments

Featured Article By Gerry Grealish, CMO, Perspecsys

With information flowing more freely than ever in today’s digital economy, tracking sensitive data becomes an increasingly difficult task. In fact, findings from a recent study show more than half of IT professionals admit not having a complete picture of where their sensitive data lives.

As organizations aggressively push to put more of their data in the hands of outside service providers like cloud systems, challenges with sensitive data visibility and control expand exponentially. Particularly in regulated industries, organizations struggle to track where sensitive and regulated data is flowing, and face the inability to control that flow in outsourced environments such as SaaS cloud applications, where it can move freely between data centers and cloud provider’s partner’s systems.

IDC forecasts that public IT cloud services will account for more than half of global software, server, and storage spending growth by 2018. Despite spend projections, cloud trust issues reported by RSA Conference 2015 attendees make it clear organizations are not aggressively using cloud systems because of privacy and security concerns. This is limiting the true transformational benefits that the cloud could bring.

Relying on a cloud service provider for data compliance and protection is not enough, but on the flip side, writing off cloud services because of security skepticism is unnecessarily limiting and harms the business. Enterprises need to consider encrypting or tokenizing any sensitive data before it goes to the cloud, so they retain full control of their information while it is in-transit to the cloud, while it is stored at-rest in the cloud and while it is in-use being processed in the cloud.

10 tips for taking back control of cloud data include:

1. Ask cloud providers and developers — who will configure virtual networks on cloud platforms — how the network is designed so you can gain assurance that your data isn’t just being thrown willy-nilly into a “cloud,” according to Forrester.

2. Get familiar with data-centric security tools that work in and outside the company’s walls, in particular, cloud data encryption.

3. When it comes to encryption of data at rest in a cloud environment, pay attention to who owns the keys, and where the keys physically reside.

4. Develop a security platform that allows the business to implement a consistent policy across multiple cloud services, preferably one that does not involve complex key management.

5. Don’t forget data in-use. Data in use is, effectively, the data that has been loaded into a process and is in the memory of the program that is running. In general, this data is in the clear while being processed and is typically not protected by techniques such as the in-cloud based encryption provided by the cloud service provider. Make sure you own the entire encryption process of this data.

6. Consider tokenization as a means of protecting cloud data.  While it in the news mostly as a way to protect payment related data – think Apple Pay – it is being used more broadly by companies to secure all sorts of data in the cloud.  Token substitutes replace the original sensitive data before it leaves the organization, so what goes to the cloud are meaningless replacements with no mathematical relationship to the original clear text values. If the information was intercepted by an unauthorized party outside of the enterprise they would be unable to ever reverse the token back to the original data. The only place you can translate a secure token back to its original value is in a secure token vault, which is always completely under the enterprise’s full control.

7. Control the mobile data flow. We’re living in a mobile world, and data flows will bypass desktops and be processed and stored exclusively on mobile devices such as tablets and phones. As more businesses are allowing employees to BYOD, theft and loss of these devices will not be the business’s only concern, as mobile data is more frequently housed in the cloud. For instance, iCloud breaches regarding under-clothed celebrities dominated headlines in 2014. In 2015, organizations will need to ensure that enterprise data on mobile devices and in the cloud isn’t “over-exposed.”

8. Preserve cloud application functionality. When choosing a cloud security solution, be sure to select one that takes full advantage of the cloud SaaS functionality without compromising user functionality, while still maintaining the strongest possible security and data control.

9. Understand what legal and regulatory data compliance requirements exist for the types of data being stored in the cloud. Understand whose responsibility it is to ensure the various legal and regulatory data compliance and privacy laws are addressed.

10. Look at your business contracts, the method of sharing data with your business customers, and consider the types of information exchanged. There may be requirements to treat sensitive information and intellectual property in certain ways, especially in cloud SaaS environments. And of course specific industries, such as banking and healthcare, have additional legal and regulatory restrictions and protections that will undoubtedly apply.

Gerry_Grealish

Gerry Grealish, Chief Marketing Officer

Gerry is responsible for defining and executing Perspecsys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, Gerry ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms. Gerry has a B.S. in Aerospace Engineering from the University of Notre Dame and an MBA in Marketing and Finance from the University of Chicago.

 

Leave a Reply

(required)

(required)


ADVERTISEMENT

Gartner

WomeninTech