Is Your Data Safe in the Cloud?

Similar documents
E-Guide HOW THE VMWARE SOFTWARE DEFINED DATA CENTER WORKS: AN IAAS EXAMPLE

How to Develop Cloud Applications Based on Web App Security Lessons

E-Guide BEST PRACTICES FOR CLOUD BASED DISASTER RECOVERY

E-Guide SIX ENTERPRISE CLOUD STORAGE AND FILE-SHARING SERVICES TO CONSIDER

Hybrid cloud computing explained

E-Guide GROWING CYBER THREATS CHALLENGING COST REDUCTION AS REASON TO USE MANAGED SERVICES

E-Guide CLOUD COMPUTING FACTS MAY UNCLENCH SERVER HUGGERS HOLD

E-Guide MANAGING AND MONITORING HYBRID CLOUD RESOURCE POOLS: 3 STEPS TO ENSURE OPTIMUM APPLICATION PERFORMANCE

Streamlining the move to the cloud. Key tips for selecting the right cloud tools and preparing your infrastructure for migration

Benefits of virtualizing your network

Securing the SIEM system: Control access, prioritize availability

3 common cloud challenges eradicated with hybrid cloud

Managing Virtual Desktop Environments

E-Guide WHAT IT MANAGERS NEED TO KNOW ABOUT RISKY FILE-SHARING

Preparing for the cloud: Understanding the infrastructure impacts Eight essential tips for a successful cloud migration

How to Define SIEM Strategy, Management and Success in the Enterprise

Advanced analytics key component for decision management systems

Data warehouse software bundles: tips and tricks

E-Guide CONSIDERATIONS FOR EFFECTIVE SOFTWARE LICENSE MANAGEMENT

HOW MICROSOFT AZURE AD USERS CAN EMPLOY SSO

The changing face of scale-out networkattached

E-Guide NETWORKING MONITORING BEST PRACTICES: SETTING A NETWORK PERFORMANCE BASELINE

A Guide to MAM and Planning for BYOD Security in the Enterprise

Hyper-V 3.0: Creating new virtual data center design options Top four methods for deployment

E-Guide VIDEO CONFERENCING SOFTWARE AND HARDWARE: HYBRID APPROACH NEEDED

Aligning Public Cloud Strategies to Improve Server Efficiency

HOW TO SELECT THE BEST SOLID- STATE STORAGE ARRAY FOR YOUR ENVIRONMENT

Solution Spotlight BEST PRACTICES FOR DEVELOPING MOBILE CLOUD APPS REVEALED

CLOUD SECURITY CERTIFICATIONS: HOW IMPORTANT ARE THEY?

Software Defined Networking Goes Well Beyond the Data Center

5 free Exchange add-ons you should consider Eliminating administration pain points on a budget

Cloud Storage: Top Concerns, Provider Considerations, and Application Candidates

Key best practices for cloud testing

BUYING PROCESS FOR ALL-FLASH SOLID-STATE STORAGE ARRAYS

2013 Cloud Storage Expectations

Desktop virtualization: Best practices for a seamless deployment

How SSL-Encrypted Web Connections are Intercepted

Best Practices for Database Security

6 Point SIEM Solution Evaluation Checklist

Strategies for Writing a HIPAA-Friendly BYOD Policy

Exchange Server 2010 backup and recovery tips and tricks

Key Trends in the Identity and Access Management Market and How CA IAM R12 Suite Addresses These Trends

ios7: 3 rd party or platform-enabled MAM? Taking a look behind the scenes with Jack Madden

The State of Desktop Virtualization in 2013: Brian Madden analyzes uses cases, preferred vendors and effective tools

Best Practices for Scaling a Big Data Analytics Project

Social channels changing contact center certification

Solution Spotlight KEY OPPORTUNITIES AND PITFALLS ON THE ROAD TO CONTINUOUS DELIVERY

How To Protect Your Online Backup From Being Hacked

MDM features vs. native mobile security

E-Guide THE LATEST IN SAN AND NAS STORAGE TRENDS

Essentials Guide CONSIDERATIONS FOR SELECTING ALL-FLASH STORAGE ARRAYS

E-Guide UNDERSTANDING PCI MOBILE PAYMENT PROCESSING SECURITY GUIDELINES

Expert guide to achieving data center efficiency How to build an optimal data center cooling system

E-Guide SHAREPOINT UPGRADE BEST PRACTICES

Managing Data Center Growth Explore Your Options

Evaluating SaaS vs. on premise for ERP systems

Rethink defense-in-depth security model

Best and worst practices for Exchange archiving

GUIDELINES FOR EVALUATING PROCUREMENT SOFTWARE

5 ways to leverage the free VMware hypervisor Key tips for working around the VMware cost barrier

CLOUD APPLICATION INTEGRATION AND DEPLOYMENT MADE SIMPLE

Order Management System Best Practices

Big Data and the Data Warehouse

E-Guide CONSIDER SECURITY IN YOUR DAILY BUSINESS OPERATIONS

The state of cloud adoption in India The use cases, industry trends, business demands, and user expectations driving cloud adoption in Indian

E-Guide CRM: THE INTEGRATION AND CONSOLIDATION PAYOFF

Cloud Security Certification Guide What certification is right for you?

Virtualization backup tools: How the field stacks up

Managing the supply chain for SAP

Making the move from a tactical to a strategic supply chain

Unlocking data with document capture and imaging

Social Media-based Customer Loyalty Programs

Does consolidating multiple ERP systems make sense?

Advantages on Green Cloud Computing

Tips to ensuring the success of big data analytics initiatives

E-Guide THE CHALLENGES BEHIND DATA INTEGRATION IN A BIG DATA WORLD

TIPS TO HELP EVALUATE AND DEPLOY FLASH STORAGE

Skills shortage, training present pitfalls for big data analytics

Supply Chain Management Tips and Best Practices

E-Guide COMPLIANCE IN THE CLOUD

The skinny on storage clusters

Social media driving CRM strategies

SAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

Central Agency for Information Technology

WHAT S INSIDE NEW HYPER- CONVERGED SYSTEMS

Solution Brief for HIPAA HIPAA. Publication Date: Jan 27, EventTracker 8815 Centre Park Drive, Columbia MD 21045

How To Manage Security On A Networked Computer System

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Moving to the Cloud: A guide for Southeast Asian IT and Business Managers

BEST PRACTICES FOR MANAGING THE EVOLUTION OF EHRS

Executive s Guide to Cloud Access Security Brokers

LTO tape technology continues to evolve with LTO 5

What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS

MOBILE APP DEVELOPMENT LEAPS FORWARD

Addressing Cloud Computing Security Considerations

1 Copyright 2012, Oracle and/or its affiliates. All rights reserved. Public Information

E-Guide BYOD: THE EVOLUTION OF MOBILE SECURITY

Transcription:

Is Your Data Safe in the?

Is Your Data Safe in the? : Tactics and Any organization likely to be using public cloud computing are also likely to be storing data in the cloud. Yet storing data in the cloud also brings with it a number of security risks which IT professionals should be aware of. This expert e-guide, from SearchComputing.com, explores how to successfully secure data in the cloud while ensuring its confidentiality, availability and compliance with physical location regulations. Data security is a concern for any enterprise, and cloud computing often can magnify security anxieties. Learn how to adopt a few ground rules to help protect users, their data and your overall cloud investment. By: Phil Cox In this tip, the seventh in our series of technical tips on cloud security, we discuss the security of data in the cloud. If and when you decide to use public cloud computing, it's likely that you will also need to store data in the cloud. The multi-tenant nature of the cloud and questions about the physical location of cloud data are security risks that organizations looking at using cloud services need to be aware of. This tip discusses practical methods for keeping your cloud data secure. Storing data in the cloud is arguably the most important aspect of public cloud resources, but it is rarely treated as such. Two practical steps to take when securing cloud data are: Protect your data in a real world environment. Meet compliance requirements. Page 2 of 9

Is Your Data Safe in the? : Tactics and What are the issues? There are two primary issues that we have to deal with when talking about data security in a public cloud: Protection of the data: Dealing with the confidentiality, integrity, and availability (CIA) criteria. Answering the important questions, such as, "What is the risk to the data? Are the controls in place adequate to mitigate the risk?" Location of the data: Dealing with the physical location of the "bits" and answering questions like, "Do I know where the data resides? Does this violate any of my compliance requirements?" Location is often doubly important because we do not think about it; it may easily slip by unnoticed and have significant impact if a data loss ever occurs. An example is the conflict between the U.S. Patriot Act and Canadian laws on the privacy of certain personal information. The U.S. government says if there is a compelling reason, they are able to see data in their jurisdiction. Canadian laws say that the data of certain Canadian citizens is protected and cannot be disclosed. If you handle Canadian data (i.e., data that is protected), then you had better be sure it is not physically located on systems in the U.S. Note that this is something providers will need to ensure via contracts. Where to start: Data classification If you don't take time to understand your data, then you are setting yourself up for failure in a public cloud environment. Therefore, securing data must begin with data classification. Here are some steps to follow: 1. Identify the data that will be processed or stored in the cloud. Page 3 of 9

Is Your Data Safe in the? : Tactics and 2. Classify the information in regards to sensitivity towards loss of the CIA criteria. This would include identifying regulatory requirements for the data. 3. Define the rules by which particular information classes of instances must be stored, transmitted, archived, transported and destroyed. Many handling requirements result from contractual or regulatory requirements. A thought on physical location As stated earlier, if there are restrictions on the physical location of data, you'll need to find a provider that can handle them. Amazon Web Services uses regions, and many of the other cloud providers offer similar structures. However, you need to ensure the service-level agreements meet your locality requirements. Protecting data in the cloud In the cloud, your data can be in any of the following locations: Local storage of the virtual machine (i.e., processing engine). Data is tied to the virtual machine location and state. Persistent data store (i.e., Amazon EBS or S3, Azure SQL, etc.). Data is independent of virtual machine location and state. In transit on the wire. You will also need to use one of the following methods to meet your data protection requirements: File system and share access control lists: This would be using the access control mechanisms in the offering to ensure appropriate restrictions on the data. This would be used in all cases, but it would not protect from malicious IT staff at the provider. Page 4 of 9

Is Your Data Safe in the? : Tactics and Encryption with a mixture of public and private key solutions: This would most likely be used to protect against malicious IT staff at the provider. Transport level encryption: This would be used as a matter of course whenever sensitive information was being passed or transmitted. In closing I strongly insist that everyone classifies their data. Once that is done, there are a couple of cloud issues you need to think about: Is my data stored where is should be? If there are any physical location limits, are those met? Am I protecting against malicious IT staff? The rest should be basic security practices, much like those used in your non-cloud environment. There is nothing obscure about securing data in the cloud. Just remember that "good security is good security" and you should be good to go. : Tactics and By: Bill Kleyman Data security is a concern for any enterprise, and cloud computing often can magnify security anxieties. Adopting a few ground rules will help protect users, their data and your overall cloud investment. The list of security concerns with cloud computing may seem lengthy. In reality, though, cloud security tactics can fall into two main categories: partner-based security or security for Software as a Service, Platform as a Service or Infrastructure as a Service models and end user-based or clientbased security. Here are a few guidelines for securing a private or public cloud. Page 5 of 9

Is Your Data Safe in the? : Tactics and Strategically plan your cloud security. Every environment is unique. Give careful consideration to how corporate workloads should be delivered to end users. Placing security at the forefront during the initial planning phase creates a solid foundation and allows compliance-conscious organizations to create a resilient and audit-ready cloud infrastructure. Pick your cloud vendor wisely. According to the Security Alliance, data loss and leakage are the top security threats of cloud computing. It's crucial to choose a cloud partner that can protect your enterprise's sensitive data. When evaluating a cloud partner for corporate IT services, make sure the vendor has experience in both IT and security services. Verify that cloudready risk mitigation is part of the provider's common security practice. And evaluate only cloud providers that have a proven track record integrating IT, security and network services and can provide strategic service-performance assurances. Formulate an identity management system. Every enterprise environment will likely have some sort of identity management system that controls user access to corporate data and computing resources. When moving to the public cloud or building a private cloud, identity federation should be a major consideration. A cloud provider must be willing to integrate an existing identity management system into its infrastructure using identity federation or single sign-on (SSO), or provide its own identity management system. Without this, environments create identity pools in which end users must use multiple sets of credentials to access common workloads. Protect corporate data in the cloud. In a secure IT organization, data from one end user is properly segmented from that of another user. In other words, data at rest must be stored securely and data in motion must move securely from one location to another without interruption. Reputable cloud partners have can prevent data leaks or ensure that unauthorized third parties cannot access data. It's important to clearly define roles and responsibilities to ensure that users -- even privileged users -- cannot circumvent auditing, monitoring and testing, unless otherwise authorized. Page 6 of 9

Is Your Data Safe in the? : Tactics and Develop an active monitoring system. Enterprises must continuously monitor data in the cloud. Performance bottlenecks, system instabilities or other issues must be caught early to avoid any outages in services. Failure to constantly monitor the health of a cloud environment will result in poor performance, possible data leaks and angry end users. Organizations that are cloud-ready must plan which monitoring tools to use and how often they must track and monitor data. For example, a company pushing a virtual desktop to the cloud may be interested in the following metrics: SAN use WAN operation Networking issues or bottlenecks Log-in data, i.e., failed attempts, lockout information Gateway information o Where are users coming from, is there suspicious traffic coming into the private cloud o How are IP addresses being used? Is internal gateway routing functioning properly? After that, you can implement manual or automated procedures to respond to any events or outages that occur. It's very important to understand the value behind actively monitoring a cloud solution. By constantly keeping an eye on the cloud environment, IT administrators can proactively resolve issues before an end-user can notice them. Establish cloud performance metrics and test regularly. When researching a cloud service provider -- for public cloud or private cloud -- check that the vendor presents a solid service-level agreement that includes Page 7 of 9

Is Your Data Safe in the? : Tactics and metrics like availability, notification of a breach, outage notification, service restoration, average resolution times and so on. Regular proactive testing will remove a great deal of security risks or potential for data leaks. Even though your cloud provider conducts testing, it's imperative to also have internal test procedures in place. IT managers know the environment -- and its end-users' demands -- best. Inconsistencies or irregularities in how cloud-based workloads are being used can lead to security breaches or data leaks. Next steps: Identity federation in the cloud Thorough security tactics must be in place, starting from the host level and continuing all the way through the cloud infrastructure and to the end user. There are several tools on the market to help enterprises secure an investment in cloud computing. Identity federation, for example, helps take credential management to the next level by securing a cloud infrastructure. computing offers great benefits to those environments prepared to make the investment, as long as they make wise and well-researched decisions when evaluating cloud security options. Page 8 of 9

Is Your Data Safe in the? : Tactics and Free resources for technology professionals TechTarget publishes targeted technology media that address your need for information and resources for researching products, developing strategy and making cost-effective purchase decisions. Our network of technology-specific Web sites gives you access to industry experts, independent content and analysis and the Web s largest library of vendor-provided white papers, webcasts, podcasts, videos, virtual trade shows, research reports and more drawing on the rich R&D resources of technology providers to address market trends, challenges and solutions. Our live events and virtual seminars give you access to vendor neutral, expert commentary and advice on the issues and challenges you face daily. Our social community IT Knowledge Exchange allows you to share real world information in real time with peers and experts. What makes TechTarget unique? TechTarget is squarely focused on the enterprise IT space. Our team of editors and network of industry experts provide the richest, most relevant content to IT professionals and management. We leverage the immediacy of the Web, the networking and face-to-face opportunities of events and virtual events, and the ability to interact with peers all to create compelling and actionable information for enterprise IT professionals across all industries and markets. Related TechTarget Websites Page 9 of 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information