Securing Data on the Cloud
Discerning an effective method to enhance security in cloud configurations can be extremely complicated and challenging. The different types of cloud we deploy, namely public, private, and hybrid, along with the computing and class of data assigned to these cloud segments, add another layer of complexity to the already existing issues. Today, the consensus is that large public clouds are secure and cross-tenancy attacks are rendered obscure by code improvements and CPU hardware modifications. The truth is any cloud installation can be susceptible to attack—manual errors, viruses, malware, DDoS, and much more. Cloud providers require an automated security monitoring software to efficiently determine and detect unusual access patterns, threats, and cross-tenant access.
The second aspect of data security on the cloud is encryption for data at the source, rest, in transit, and cloud service provider (CSP) encryption. Encrypting key data in the source server and managing the keys by oneself is undoubtedly one of the most effective ways of fortifying data on the cloud. Cloud service providers must avoid sloppy data management at all cost. One cannot overlook the possibility of a critical file entering a low-security area. The answer to this is a meta-data driven approach that puts a copying, life expectancy and location, and other controls on data.
A major portion of data losses in organizations every year has an insider involved. Moreover, with the rise of sophisticated and trained hackers, data vulnerability has increased manifold. One way to tackle this problem is multi-factor authentication; a slower but safer means to access data. Another problem is admin error whereby a simple transpose by an admin can obliterate all records. Thus, it is imperative to allow access to only admins that have proper knowledge of a system.
Cloud Computing Changing Management
By Dr. John Bates, CTO, Intelligent Business Operations &...
By Denise Zabawski, CIO, Nationwide Childrens Hospital
By Cynthia Weaver, A.V.P of IT, Walbridge
By Kris Lappala, CIO, Kiewit
By Sherry Aaholm, VP & CIO, Cummins [NYSE:CMI]
By Leo Casusol, CIO, Liquidity Services
By Joe Fuller, VP/CIO, Dominion Enterprises
By Dennis Fiszer, CCO, HUB International
By David Butler, Sr. Director, Digital Customer Experience,...
By Mark Jacobsohn, SVP, Booz Allen Hamilton
By Miguel Gamino, CIO & Executive Director-Department of...
By Jonathan Reichental, CIO, City of Palo Alto
By Pam Puetz, VP & HR Services, First American Financial...
By Aref Matin, CTO, Ascend Learning
By Jim Sills, CIO/Cabinet Secretary, State of Delaware
By Jesse Laver, Vice President Global Sector Development,...
By Andy Newsom, CIO, CSL Behring
By Jason Cook, CISO, BT Americas [NYSE:BT]
By Jim Grubb, VP Marketing & Chief Demonstration Officer, Cisco
By Don Lindsey, VP and CIO, Tallahassee Memorial HealthCare