Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

3 ways to screw up data security in the cloud

David Linthicum | July 4, 2016
Securing the cloud doesn't mean you've secured your data in the cloud

The cloud data security issue usually gets lost in the general discussion on cloud security. But there are key differences around securing cloud data that you should understand.

Many enterprises believe that if they have cloud security covered generally, they have data security covered specifically in the narrow. That's not true.

Data security deals with many types of information, and that information should be protected using different levels of granularity. This protection includes governance and control over data configuration and management.

Here are the three key mistakes enterprises make around cloud data security, and how to avoid making them.

Mistake 1: Failing to understand the data you need to protect

Your data security must match the type of data you are securing. Data security approaches are vastly different, depending on the types of data that you are managing. If you try to use a single security model on all your types of data, you will likely spend more than you should, underprotect your data, or violate its legal and compliance requirements -- or any combinaton of these three risks.

Mistake 2: Failing to consider data in flight

Many enterprises encrypt the data at rest (that is, stored) but fail to deal with data in flight (that is, moving from place to place). Unless properly protected, data in motion on a network can be easily read by hackers or unauthorized employees.

Mistake 3: Failing to bind data security to other security levels

Data security should be part of a larger security strategy and technology set. So take the time to figure out how to link to other security components and models. If you don't link the specifics of data security to the overall security strategy and implementation, you'll end up with vulnerabilities. Remember, security needs to be holistic and proactive.

Source: Infoworld 


Sign up for MIS Asia eNewsletters.