Building a Vibrant Open Source Community, and the “Take A Penny, Leave A Penny” Doctrine

Building a Vibrant Open Source Community, and the “Take A Penny, Leave A Penny” Doctrine

Open source software is different than proprietary software in one very important area: open source software can enable new ways to create value. The very nature of open source software – and the community that springs up around that open source software – provides a
U.S. Births Dip To 30-Year Low – A Bright Digital Future?

U.S. Births Dip To 30-Year Low – A Bright Digital Future?

Worried that a robot is going to take your job? The truth is just the opposite. We are actually running out of people but there maybe hope in a new digital world. Demography is destiny. For years we have been fed a steady stream about

Data Protection In The Cloud

2015 ushered in the start of a data economy. As organizations amass more detailed consumer profiles they have begun realizing that data could equal or surpass the value of the products and services they sell, especially in the Internet of Things era with its constant and very personal streams of data. Data breaches such as the Office of Personal Management and toymaker, VTech are indicative of increasing hactivist interest in more personal data and also of the growing value of that data.

hacker-cloud

At the same time the concept of cloud is changing. In our hyper connected era traditional backend clouds where the bulk of data processing takes place have been superseded by waves of cloud migration that are closer to where the data transaction is occurring. This allows for real-time data exchanges.  Additionally, the lines between SaaS, PaaS and IaaS are becoming blurred with hybrid models such as SaaS built upon PaaS.  With the confluence of a data economy, blurring of cloud models, and far more egregious data breaches I have outlined principles that Information Security Practitioners may want to consider as we move into 2016.

1. Bake standard data security profiles into a cloud brokerage platform that can be applied on as needed consumption basis.  This will more easily allow IT and InfoSec to keep pace with new instantiations by the business across the cloud-extended data center.

2. Place increasing importance on federated identity schemes with individuals having multiple devices across different cloud services.

3. Build a data brokerage to help calculate the value of data.  It’s the most effective way for business users to learn the value of the data they create, collect or handle.

Protect data according to the following domains:

Data Classification

  • State data classification in business consumable terms if you want business users to own up to protecting data according to its business risk.
  • Leverage machine learning for dynamic data classification as data changes value over the course of its lifecycle.

Data Ownership

  • Where possible digitally tag or watermark data that is transacted, stored or processed with a cloud provider.  This minimizes confusion around data ownership and entitlement rights.

Data Protection and Lifecycle Management

  • Ensure policy management extends to access management at the various admin layers for the cloud provider as well as for the elements of the cloud stack you as an organization have control over.
  • Enable data owners to specify what actions users can take– read, write, copy, modify.
  • Ensure that data lifecycle management – creation, modification, retention, destruction is built into your policies.
  • Set encryption settings – key strength and key management parameters based on data sensitivity.
  • Continuously log all actions based on the context of who, what when and where.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

BRANDED COMICS FOR YOUR NEXT CAMPAIGN

Get in touch with us regarding our introductory rates!

Technology Cloud Contributor

The Competitive Cloud Data Center

The Competitive Cloud The corporate data center was long the defacto vehicle for all application deployment across an enterprise. Whether ...
Built to Last: Choosing the Right Infrastructure Partner for Your Game

Built to Last: Choosing the Right Infrastructure Partner for Your Game

Choosing the Right Infrastructure Partner There are millions of gamers around the globe, and according to gaming market research firm ...
Determining the Economic Value of Data

Determining the Economic Value of Data

[Note: I have been trying to write this blog for several years.  But instead of trying to perfect the concept, perhaps ...
The Cloud Debate - Private, Public, Hybrid or Multi Clouds?

The Cloud Debate – Private, Public, Hybrid or Multi Clouds?

The Cloud Debate Now that we've gotten over the hump of whether we should adopt the cloud or not, "which ...
How AI Revolutionizes the Industrial Sector

How AI Revolutionizes the Industrial Sector

Breakneck speed, unprecedented development and unhindered feasibility are just some of the phrases attached to the spread of Artificial Intelligence ...

AWS CloudFormation Coverage Updates for Amazon EC2, Amazon ECS and Amazon Elastic Load Balancer

/
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. It allows you to use a simple text file to model and provision, in an ...

Smart Oilfield: Diminish Downtime and Optimize Maintenance Costs with SAP Upstream Field Activity Management by OIS

/
In our daily lives, the black gold below ground is omnipresent in one way or another. Fossil oil is used not only as vehicle fuel, but also in the production of articles we use daily ...

Your Edge as an Intelligent Enterprise Depends on an Ideal Foundation

/
Fueled by growing data and accelerating change, digital transformation is no longer viewed as revolutionary. The real competitive edge is how businesses build on each stage of evolution to empower people to impact ...