Inside the Briefcase

2022 Business Spend Management Benchmark Report

2022 Business Spend Management Benchmark Report

Read the 2022 Coupa Benchmark Report to explore 20...

Cloud Security: Understanding “Shared Responsibility” … and Keeping Up Best Security Practices

Cloud Security: Understanding “Shared Responsibility” … and Keeping Up Best Security Practices

Cloud computing has been around for many years now,...

Webcast: HOW TO SCALE A DATA LITERACY PROGRAM AT YOUR ORGANIZATION

Webcast: HOW TO SCALE A DATA LITERACY PROGRAM AT YOUR ORGANIZATION

Join data & analytics leaders from Starbucks, Cardinal Health,...

How EverQuote Democratized Data Through Self-Service Analytics

How EverQuote Democratized Data Through Self-Service Analytics

During our recent webinar on scaling self-service analytics, AtScale...

How Analytics Governance Empowers Self-Service BI

How Analytics Governance Empowers Self-Service BI

The benefit of implementing analytics policies at the semantic...

Cloud Security: Understanding “Shared Responsibility” … and Keeping Up Best Security Practices

March 10, 2022 No Comments

Featured article by Emily Peyton

cloud security 300x185 Cloud Security: Understanding Shared Responsibility ... and Keeping Up Best Security PracticesImage source

Cloud computing has been around for many years now, with its primary driver being the need to increase agility and reduce the cost of doing business.

While there has always been concern about data security in cloud computing, the biggest test on the technology came in 2020 as many organizations shifted to cloud computing to allow their employees to work from home

Data security in cloud computing is a shared responsibility between the providers and the users. However, unlike providers, users do not play their role well and are often to blame for security breaches in cloud computing.

Understanding Your Shared Responsibility Model

In cloud computing, the data is held in private data centers. The security of the data in the private data centers is the responsibility of the enterprise owning the data centers. However, the responsibility of data security (the cloud) can be complicated, with the responsibility of data security depending on the user for the most part. 

The service provider also may have some responsibilities for some IT security aspects. Cyber security experts refer to this arrangement as a shared responsibility model. 

Most cloud service providers ensure that their clients’ critical information is safe by taking care of their infrastructure. 

For example, in Azure, the infrastructure is designed to detect fraudulent activity or abuse and notify customers.

On the other hand, the customer is responsible for ensuring that the Azure environment is configured to ensure data security, limiting the number of people with access to critical data, and identifying and defining misuse of Azure. 

Cloud Security Best Practices

Evaluate Your Providers Shared Cloud Responsibilities

Both the provider and the customer should have a role in ensuring cloud security. Provider responsibilities may differ from one provider to the other.

You may need to compare different service providers’ roles in the shared responsibilities and make an informed choice depending on your unique needs and budget.

Go With an Established Provider

While every other service provider will promise heaven, it is best to narrow down your choice of service providers to those that have had a good share of time in the industry.

These will often be big brand names that have had time, made mistakes, learned, got better with time, and have the resources to ensure continued improvement in the security of their services.

Controlled Access to Cloud Data

The more people access the cloud data, the more risk a data breach. While access to the cloud is necessary for employees in your organization, there is a need to control who accesses what data and ensure the access is limited to the extent that allows a specific individual to perform their tasks.

Some security practices such as multi-factor authentication and role-based access are a great way of limiting access and minimizing the risk to data security when credentials may be compromised.

Policy Development and Training

Without company policy on cloud access and data security, everything goes. This kind of approach exposes your organization to the risk of a data breach.

Additionally, lack of policies may result in compliance issues which could get your organization on a collision course with regulatory authorities or even face lawsuits.

There is a need to create strong policies and training to ensure that all employees know the best practices that can help bolster security and ensure compliance.

Final words

In today’s business scene, big data is the soul and heart of an organization, and protecting it must be every organization’s priority. The practices listed above are some of the best data security practices, which are a great place to start when enhancing your organization’s data security. 

APPLICATION INTEGRATION, CLOUD DATA, DATA and ANALYTICS , DATA PRIVACY, DATA SECURITY, Inside the Briefcase, MOBILE DATA

Sorry, the comment form is closed at this time.

ADVERTISEMENT

Gartner