The Lighter Side Of The Cloud – 4th of July
The Lighter Side Of The Cloud – Mischievous Easter Bunny
The Lighter Side Of The Cloud – Synchronization
The Lighter Side Of The Cloud: Resistance
The Lighter Side Of The Cloud – HaaS
7 Steps To Developing A Cloud Security Plan

7 Steps To Developing A Cloud Security Plan

7 Steps to Developing a Cloud Security Plan

Designing and implementing an enterprise security plan can be a daunting task for any business. To help facilitate this endeavor NaviSite has developed a manageable process and checklist that can be used by enterprise security, compliance, and IT professionals as a framework for crafting a successful cloud computing security plan. It defines seven steps—sequentially—that have been tested and refined through NaviSite’s experiences helping hundreds of companies secure enterprise resources according to best practices. This plan enables organizations to gain the economic advantages of secure and compliant managed cloud services.

Step 1: REVIEW YOUR BUSINESS GOALS

It is important that any cloud security plan begins with the basic understanding of your specific business goals. Security is not a one-size-fits-all scenario and should focus on enabling:

  • TECHNOLOGIES: Authentication and authorization, managing and monitoring, and reporting and auditing technologies should be leveraged to protect, monitor, and report on access to information resources
  • PROCESSES: Methodologies should be established that define clear processes for everything from provisioning and account establishment through incident management, problem management, change control, and cceptable use policies so that processes govern access to information
  • PEOPLE: Organizations need access to the proper skill sets and expertise to develop security plans that align with business goals

Too often, organizations view internal security and compliance teams as inhibitors to advancing the goals of the business. Understanding the business objectives and providing long-term strategies to enable business growth, customer acquisition, and customer retention is essential to any successful security plan.

The best way to do this is to develop cloud security policies based on cross departmental input. A successful security program includes contribution from all stakeholders to ensure that policies are aligned and procedures are practical and pragmatic.

The broader the input the more likely the final security plan will truly align with, and support corporate goals. Executive input is not only essential to ensure that assets are protected with the proper safeguards, but also to ensure that all parties understand the strategic goals. For example, if a company plans to double in size within a few years, security infrastructure needs to be designed to support scalability.

CASE IN POINT: At NaviSite, we often see customers faced with the challenge of making major security and technology changes to address evolving corporate goals. For example, a customer that hosts multiple merchant sites had a Payment Card Industry (PCI)-compliant application, but when it was acquired, its parent company required stricter controls that conformed to the enterprise-wide PCI program. The acquired company came to us with a small company perspective, while the new parent company wanted to enforce even tighter security across its divisions.

We worked with them to realign and bolster the goals of the acquired company’s security and compliance programs with the corporate goals of the parent company. By reviewing the business goals with the stakeholders from the parent company, the newly acquired company, and our security team, we were able to identify and document the objectives for the new compliance program and ensure that they were aligned with the over-arching
PCI program.

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Recent

9 Pitfalls of Providing Cloud-Based Online Government Services

9 Pitfalls of Providing Cloud-Based Online Government Services

Cloud-Based Online Government Services Pitfalls When the US government designed the Affordable Care Act, a key part of the program was to encourage enrollment through the Healthcare.gov website. This online service was supposed to make it easier for citizens to learn about the ACA, compare their health insurance options, and take full advantage of this…

IOT, Intelligent Sensors, And The Change That Is Coming…

IOT, Intelligent Sensors, And The Change That Is Coming…

Intelligent Sensors And The Future What is or isn’t connected: In the end, that is the internet of things. They, the things, represent stuff that has been around for the past 30 years. It was only recently that we have developed a way to consistently connect those devices. Despite the increasing awareness of IoT, it…

Cloud Vendor Benchmark 2015: Price-Performance Comparison

Cloud Vendor Benchmark 2015: Price-Performance Comparison

Cloud Vendor Benchmark 2015: 15 Top IaaS Providers Cloud Spectator has released their Cloud Vendor Benchmark 2015 Part 2: Price-Performance Comparison Among 15 Top IaaS Providers today, cited as the industry’s most comprehensive study. Exposing the influence that performance can have on the overall value of the IaaS environment, this report is aimed at helping…

Popular Archives

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to helping teams win…

Five Signs The Internet of Things Is About To Explode

Five Signs The Internet of Things Is About To Explode

The Internet of Things Is About To Explode By 2020, Gartner estimates that the Internet of Things (IoT) will generate incremental revenue exceeding $300 billion worldwide. It’s an astoundingly large figure given that the sector barely existed three years ago. We are now rapidly evolving toward a world in which just about everything will become…

Sponsors

The Many Hats Of Today’s IT Managers

The Many Hats Of Today’s IT Managers

The Many Hats of IT Managers In years past, the IT department of most large organizations was much like a version of Middle Earth: a mysterious nether world where people who seemed infinitely smarter than the rest of us bustled around, speaking and typing languages that appeared indecipherable, yet, which made our world work. They…

Selling Your Business To Your Employees

Selling Your Business To Your Employees

Mobility For Your Employees It may seem a radical notion, the idea of selling your business to the people who work for you, but this is the era in which we now work. Employees of all levels are all incredibly aware of their options when it comes to mobility and employability. This doesn’t mean that…

Established in 2009

CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

CloudTweaks Comic Library

Advertising