shutterstock_190889579

Destroying Cloud Data In The Age Of Data Multiplication

The Age of Data Multiplication

We are surrounded by data, whether in our personal or professional lives with digital elements that are constantly being captured about us. This leads to exponentially increasing volumes of data whether from Internet-connected devices, video, cell records, customer transactions, healthcare and government records.

Today, there is a growing awareness and sensitivity from end users, government agencies and lawmakers of how all of this data might be used and in the coming years this concern is only set to heighten.

Organizations leveraging cloud services to store this data may need to take a closer look at the lifespan of the data they collect and how it is expired and destroyed. Today’s organizations need to understand that cloud as a model causes data to multiply further. The dynamic nature of resource allocation and maximizing availability in a hybrid or public cloud means resources are replicated and backed up across multiple data centers. When an organization contacts the cloud provider to expire or expunge data they may only be severing their client connection to the data. Organizations often don’t allow for the fact that backup instances or traces of data may still linger and could be a source for unauthorized access.

So, how do today’s organizations ensure their data is destroyed?

1. Tag all sources of mission-critical data: It starts with strong preventative measures: If data is classified digitally to a scheme that is intuitive to your cloud provider and your organization it will be easier to track through its lifecycle and then expire and destroy.

2. Take time to assign entitlements and access rights: Ensure that access rights or entitlements for sensitive or mission-critical data are limited to only those who have a legitimate need for access.

3. Apply encryption based on context: When data is encrypted, it is only readable to those with access to the encryption keys. It is the most certain way to limit unauthorized access to data in the cloud. By encrypting organizations can be better assured of the confidentiality of their data and potentially be less concerned with their cloud providers’ data destruction methods.

4. Perform data wipes: Many government and industry standards require data storage wipes to ensure that hardware is safe for reuse. There are different types of software and hardware that even allow for remote erasure. The benefit is to enable a provider or enterprise to repurpose the media for reuse.

5. Physically destroy data and media: In the cases of highly classified information organizations can use strong magnets to destroy data or even shred physical media. This ensures that the data on the destroyed media can never be recovered. Physical destruction methods are the last resort and only feasible in a private cloud environment.

By Evelyn de Souza

Evelyn de Souza

Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.

How to secure personally identifiable information (PII) of customers

How to secure personally identifiable information (PII) of customers

Secure Personally Identifiable Information Information security has been a constant challenge for enterprises. Especially in a software test environment, enterprises face ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use ...
State of the Cloud Report

State of the Cloud Report

Cloud Report As the definitive guide to the biggest trends in the cloud industry, this year’s “State of the Cloud ...
Using Cloud Analytics To Improve Customer Experience

Using Cloud Analytics To Improve Customer Experience

Evolution of Cloud Analytics Moving data to the cloud, once considered a strenuous task, has now become commonplace in most ...
Adopting A Cohesive GRC Mindset For Cloud Security

Adopting A Cohesive GRC Mindset For Cloud Security

Cloud Security Mindset Businesses are becoming wise to the compelling benefits of cloud computing. When adopting cloud, they need a ...
What Is Net Neutrality And Why Is It So Important?

What Is Net Neutrality And Why Is It So Important?

What Is Net Neutrality? Net neutrality is a concept that has been the centre of a lot of debates recently, ...
Palo Alto Networks Commitment to Educating European CEOs and Boards on Cybersecurity as a Business Issue

Palo Alto Networks Commitment to Educating European CEOs and Boards on Cybersecurity as a Business Issue

In recent years, the topic of cybersecurity awareness, education, training, and skills has grown in importance across the European Union. On each trip I take to Brussels, I am struck by how this is a ...
AT&T Unveils $15-a-Month Video Service

AT&T Unveils $15-a-Month Video Service

Wireless company’s fees for programmers would depart from industry practice AT&T Inc. T -1.20% on Thursday unveiled a new video service, called WatchTV, that aims to use a “skinny bundle” of channels to recapture some ...
Teradata sues Germany's SAP, alleging it stole trade secrets

Teradata sues Germany’s SAP, alleging it stole trade secrets

FRANKFURT (Reuters) - SAP SE, Europe’s most valuable technology company, was sued on Wednesday by U.S. company Teradata, which accused it of stealing trade secrets, copyright infringement and anti-trust violations. The case, filed at the ...