Principles For Data Protection Online

Evelyn de Souza

Data Protection In The Cloud

2015 ushered in the start of a data economy. As organizations amass more detailed consumer profiles they have begun realizing that data could equal or surpass the value of the products and services they sell, especially in the Internet of Things era with its constant and very personal streams of data. Data breaches such as the Office of Personal Management and toymaker, VTech are indicative of increasing hactivist interest in more personal data and also of the growing value of that data.

hacker-cloud

At the same time the concept of cloud is changing. In our hyper connected era traditional backend clouds where the bulk of data processing takes place have been superseded by waves of cloud migration that are closer to where the data transaction is occurring. This allows for real-time data exchanges.  Additionally, the lines between SaaS, PaaS and IaaS are becoming blurred with hybrid models such as SaaS built upon PaaS.  With the confluence of a data economy, blurring of cloud models, and far more egregious data breaches I have outlined principles that Information Security Practitioners may want to consider as we move into 2016.

1. Bake standard data security profiles into a cloud brokerage platform that can be applied on as needed consumption basis.  This will more easily allow IT and InfoSec to keep pace with new instantiations by the business across the cloud-extended data center.

2. Place increasing importance on federated identity schemes with individuals having Multiple Devices across different cloud services.

3. Build a data brokerage to help calculate the value of data.  It’s the most effective way for business users to learn the value of the data they create, collect or handle.

Protect data according to the following domains:

Data Classification

  • State data classification in business consumable terms if you want business users to own up to protecting data according to its business risk.
  • Leverage Machine Learning for dynamic data classification as data changes value over the course of its lifecycle.

Data Ownership

  • Where possible digitally tag or watermark data that is transacted, stored or processed with a cloud provider.  This minimizes confusion around data ownership and entitlement rights.

Data Protection and Lifecycle Management

  • Ensure policy management extends to access management at the various admin layers for the cloud provider as well as for the elements of the cloud stack you as an organization have control over.
  • Enable data owners to specify what actions users can take– read, write, copy, modify.
  • Ensure that data lifecycle management – creation, modification, retention, destruction is built into your policies.
  • Set encryption settings – key strength and key management parameters based on data sensitivity.
  • Continuously log all actions based on the context of who, what when and where.

By Evelyn de Souza

Anita Raj

Will there be a normal to go back to after COVID-19?

The COVID-19 Aftermath Until November last year, not one of us would have expected life to take such a dramatic turn in as short as ...
Patrick Joggerst

From Virtualization to Cloudification: Transforming Networks, Now What?

Virtualization to Cloudification As we head into the next decade of telecommunications network technology transformation, we find ourselves at a pivotal moment as the era ...
Thomas Franklin

Future of Stock Markets : Raising Capital Through ICO is 10x cheaper and 20x easier

Future of Stock Markets: Raising Capital Through ICO How blockchain will replace the stock markets as we know them today. Welcome to the future. It’s ...
Matt Holleran

Cloud Marketplaces Give Startups A Leg Up – Part 2

Cloud Marketplaces In my last post, Cloud Platforms, Marketplaces, and Startups Part One, I examined the proliferation of partner ecosystems within the cloud software business, ...
Kip Compton

What’s Ahead for Cloud in 2019

The Cloud In 2019 2018 was an incredible time for cloud. Its impact on customer experiences, business processes and models, and workforce innovations was undeniable ...
Nikolas Kairinos

The growing role of AI in Sales and Marketing

AI in Sales and Marketing  Artificial intelligence (AI) as a Sales and Marketing (SaM) tool to help businesses deliver a better customer experience and secure ...
Sam Samarasekera

Why AWS’s building block structure can benefit SMBs

AWS’s Structure Can Benefit SMBs With every year that passes, the popularity of cloud technology increases as more businesses choose to make the move. This ...
Andrew Marsh Washington Frank

Why should SMEs embrace Cloud ERP solutions?

SMEs & ERP Solutions Remaining competitive in the market is the primary goal of every business. For SMEs, moving to the cloud can help that ...
Tunio Zafer

Questions To Ask Every Cloud Storage Provider

Cloud Storage Provider Questions As with many new technologies, attitudes toward cloud storage vary. Telephones were immobile; wearables perhaps unwarranted. And now, the global cloud ...
Shopping Ny

3 Leading Dropshipping Platforms in 2020

Dropshipping Platforms Dropshipping has been growing tremendous interest over the years especially with the ability to access and source massive amounts of product inventory online ...