Encrypt Early and Often
While nobody is going to argue its value in this cloudy day and age, true end-to-end encryption is still relatively rare in most real-world cloud implementations. For those who plan to encrypt, it is important to understand the effectiveness of available controls over a provider's encryption capabilities. IT managers should be able to confirm that sensitive data is encrypted everywhere, including when it's in transit, in use within the application layer, and at rest – whether within a database or file system, or in an archive or backup.
You should have tight control over your keys: Some keys may be held by your managed services provider for convenience, but ideally you should retain the keys within your organization's sole custody whenever possible. Furthermore, your data should be encrypted at rest before migration to the cloud begins. CSP's who are serious about security can provide this as part of their on-boarding services portfolio.
5 Ways to Keep Mission-Critical Data Safe in the Cloud
5 Ways to Keep Mission-Critical Data Safe in the Cloud
Before any company moves to the cloud, an inevitable question is asked: Will our data be secure? A 2014 IBM study found that while 85 percent of chief information security officers (CISOs) believe their company's move to the cloud is imminent, more than 40 percent also believe a significant security breach will happen at a major cloud provider.
As businesses shift their mission-critical workloads to the cloud, IT departments are tasked with not only managing company data, but also securing it. Choosing a cloud service provider that fits your security strategy is key. IT Business Edge recently spoke with Sean Jennings, co-founder and SVP of solutions architecture at Virtustream, who shared five cloud security and compliance tips for IT leaders as they transition their companies to the cloud.
