November 6, 2015

How To Overcome Data Insecurity Online

By Evelyn de Souza

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more […]

Data Insecurity In The Cloud

Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more complicated across public cloud models where there is shared ownership. As key business stakeholders in your company can you attest to who has access to your data in the public cloud models you use and most importantly that your customer’s data has not been tampered with, corrupted, or leaked?

The New Data Economy

We are moving towards a data economy, where data is a core component of the value of the service or product that is delivered to the customer. In our hyper-connected world data streams are becoming far more personal and intimate than previously. Consider a connected bathroom scale where weight loss or gain patterns might be transmitted from a scale to a backend cloud and where as part of the product, customers have the ability to study their weight patterns over periods of time.

Despite a widespread recognition in the industry of the value and importance of customer data, we live in a perpetual state of data insecurity. It’s not only about the high profile data breaches but it’s also about minimizing accidental risk vectors. In the cloud well intentioned employees who don’t consider the ramifications of oversharing on social media sites, or who accidentally drag and drop sensitive documents from their desktops into email or who upload regulated data into insecure file shares to avoid corporate security measures may be your organization’s biggest risk vector.

Internal Data Marketplace

At the CloudExpo Asia conference last week I referred to the sliver lining in the data insecurity issue. The effects of data loss, misuse and leakage are driving a very necessary change across the business landscape and executives are beginning to get educated on data security issues.

Following are three key steps I recommend to executives as they look to beef up their data security programs with a lens on public cloud

1. Build an internal data marketplace: Organizations need to know the value of their data in order to make the right decisions about whether to host or transact their data in a particular cloud model, and thereafter how to protect it. To calculate the value of data, build an internal marketplace with user entitlements and access controls mapped accordingly. This encourages business users to treat data as part of the business P&L.

2. Learn from your data insecurity history: Organizations have a tendency to want to bury the past especially when it hasn’t been stellar. However, knowing how data has been used and abused in the past is an indicator of how it might be compromised and disclosed in the future. Studying loss trends over time can help organizations forecast future losses and improve prevention and mitigation strategies.

3. Make data protection business-consumable: This is a recurring theme in my writings. As business leaders rush to adopt new cloud applications security needs to partner much more strategically. The way that security classifies and treats data has to align to business and usage contexts. It’s protecting data, transactions and workstreams versus focusing only on building secure and compliant infrastructures that will help organizations win and retain customer trust in the long run.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

AI at the Gate: Navigating the Future of Cybersecurity with SonicWall’s Bobby Cornwell

Navigating the Future of Cybersecurity In the face of the digital age’s advancements, AI’s role [...]
Read more
Metasploit-Penetration-Testing-Software-Pen-Testing-Security

Leading Cloud Vulnerability Scanners

Vulnerability Scanners Cyber security vulnerabilities are a constant nuisance and it certainly doesn’t help with [...]
Read more

Azure Free Tier vs. AWS Free Tier: Which Provides More Value?

Cloud computing has become a cornerstone for the digital transformation of businesses. From startups to [...]
Read more

A.I. is Not All It’s Cracked Up to Be…At Least Not Yet!

Exploring AI’s Potential: The Gap Between Aspiration and Reality Recently Samsung releases its new Galaxy [...]
Read more
Katrina Thompson

Why Zombie APIs are Such an Important Vulnerability

Zombie APIs APIs have a lifecycle, the same as anything else. They are born, they [...]
Read more
Steve Prentice

Get Smarter – The Era of Microlearning 

The Era of Microlearning Becoming employable and then staying employable requires ongoing, up to date [...]
Read more

SPONSORS

Interviews and Thought Leadership

Michael Kleef

Akamai’s Michael Kleef Reveals Key Shifts in Cloud Computing Landscape

Welcome to a conversation with Michael Kleef, Vice President of Product Marketing, Developer Advocacy, and Competitive Intelligence at Akamai Technologies. Today, we’re privileged to have him share his insights with [...]
Read more
Jeremy Smillie

Securing the Future: Insights from DevSecOps Expert, Jeremy Smillie

Welcome to another insightful discussion on CloudTweaks. Today, we have the privilege of delving into the dynamic intersection of DevOps, Security, and Tokenization with a seasoned expert in the field, [...]
Read more

How AI Machine Learning Is Enhancing Customer Experience Across Industries

Elevating Customer Satisfaction: AI’s Impact in Every Sector Recent years have witnessed an incredible transformational leap with regard to Artificial [...]
Read more

Exploring SaaS Directories: The Path to Optimal Software Selection

Exploring the Landscape of SaaS Directories SaaS directories are vital in today’s digital age, serving as key resources for businesses [...]
Read more

Navigating Tomorrow: AI and Big Data as Catalysts for Smarter Governance

The Future of Governance In a world increasingly shaped by big data and artificial intelligence (AI), it’s curious why these [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.