Five Best Practices for Securing Private Clouds - Slide 4

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6
Next Five Best Practices for Securing Private Clouds-4 Next

Not all data is created equal. That is, not all data requires the same level of security. Typically, data is classified using three categories – private, confidential or public. Data can fall under more than one category – a spreadsheet with salary information might be private to the company and confidential so only HR employees and supervisors may view it. A data classification established by the data owner clears up any mystery about access.

The first reason most IT professionals say they are interested in a private cloud solution rather than a public cloud solution is security. Ironically, diligent security is often the last item on the checklist for many organizations when building a private cloud solution. To help IT professionals secure their private cloud installations, Logicalis, an international IT solutions and managed services provider, has created a best practices approach to cloud security.

“Unless an organization is in a regulated industry that is required to provide proof of security – such as PCI, HIPAA, FISMA or ITAR – the level of security in many data centers today could be characterized as ‘not so much,’” laments Von Williams, director of information security for Logicalis.

“A security initiative needs to be a detailed, disciplined process, but it doesn’t have to be overwhelming,” says Williams. “But you do have to have a security policy to apply in the first place.” A best practices approach to upgrading or creating a security policy that is appropriate for most organizations focuses on five basic security components. These five steps form the path for a solid security policy: risk assessment, data ownership, data classification, auditing and monitoring, and incident response.

Williams suggests IT pros ask the following questions while developing their private cloud security policy to help defend their organizations from hackers as well as inadvertent access to confidential data.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Compliance4-190x128 GRC Programs: Building the Business Case for Value

Experience shows that organizations that manage GRC as an integrated program — involving people, processes and technologies — are more successful in delivering value to their organizations ...  More >>

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.