U.S. Births Dip To 30-Year Low – A Bright Digital Future?

U.S. Births Dip To 30-Year Low – A Bright Digital Future?

Worried that a robot is going to take your job? The truth is just the opposite. We are actually running out of people but there maybe hope in a new digital world. Demography is destiny. For years we have been fed a steady stream about
How Natural Language Processing Will Change Customer Service

How Natural Language Processing Will Change Customer Service

Natural Language Processing Natural language processing is one subset of AI driving human-machine interactions forward. From helping with direct calls to providing robust alternatives to human workers, it holds many possibilities for customer service on both the front and back ends of the work. As
Vibhav Agarwal

Four Tips For Better Information Security In The Cloud

Information Security

Businesses are increasingly relying on cloud based application deployments and are open to entrusting their most critical data to it. Unlike the early days of cloud, now, there is wider acceptance that cloud-based data can be as secure as on premise and, in some cases, perhaps even more so. Nonetheless, this doesn’t mean businesses can be complacent about cloud security. Stringent governance, risk and compliance is needed to keep information secure.

There can be no doubt that the public cloud services market continues to grow. Gartner forecasts it will reach $204 billion in 2016 – a more than 16 percent growth on 2015. A RightScale survey revealed that Amazon Web Services are in use by over half of the questioned IT professionals and enterprise workloads continue to move to both public and private cloud with more enterprises now running more than 1,000 virtual machines. Furthermore, the survey revealed that security has now been overtaken by a lack of resources or expertise as the number one cloud challenge.

cloud-security-attacks-vendors

This last point is highly significant. What was once a detractor could soon be a reason for migrating to the cloud. Gartner has predicted that security will become a primary reason for cloud take-up by government; big players such as Amazon, Microsoft and Google, points out research director Neville Cannon are able to invest more than most government agencies in state-of-the-art security.

As information becomes a strategic and competitive asset for tomorrow’s digital organizations, information security will become a bigger business priority in the years to come, regardless of the infrastructure, applications and data storage options deployed. Digital organizations cannot afford the business and reputational damage of a leak, hack or loss of information. To protect and preserve business data and reputation when using the cloud, it is imperative that businesses get the following four aspects right:

1. Separation of data

While multi-tenancy has been the mainstream cloud architecture, isolation of client data and applications is an increasing imperative. Multi-instance is therefore gaining ground as a cloud storage solution that separates company data.

For cloud service providers, managing customer expectations around the segregation of sensitive data can be a challenge. Today’s businesses have a higher level of understanding when it comes to specific controls around data access, storage and retrieval and managing network stack requirements.

Happily, virtualization technology now enables complete applications to be encapsulated in a virtual container with performance preservation and security isolation. This makes achieving multi-instance architecture simpler. It also allows for significant gain in terms of economies of scale and cost while preserving the data segregation principle across customers.

2. Access

Robust identity management is essential for the business to retain control over the type of access its users have. This includes strictly enforced processes for managing updates within the organisation, such as personnel responsibility changes. Such changes can impact the data and applications that team members need access to – and those that they don’t.

security-concerns

The cloud service provider should be able to track who accesses what and when and provide this information for early intrusion detection. This is a basic requirement and as such a robust authentication and authorization framework compatible with single sign on and active directory is now the entry-level standard. Advanced identity management tools such as Cloud Access Security Broker (CASB) are also now available to ensure management of access control between on-premises and cloud applications.

3. Regulatory compliance and data protection

The General Data Protection Regulation (GDPR) comes into force in 2018 in the EU. This will impact how businesses use and share customer data. Yet a study by Blue Coat Elastica Cloud Threat Labs found that 98 percent of analyzed apps aren’t GDPR ready and, shockingly that 12 percent of ‘broadly shared documents and files contain regulated information and confidential data such as source code and legal information.’

The government-wide Federal Risk and Authorization Management Program (FedRAMP) has clearly defined considerations for storing data on cloud. Increasingly, compliance with the Federal Information Security Management Act (FISMA) is becoming mandatory to do business and industry specific compliances such as HIPAA are gaining ground.

Companies remain responsible for regulatory compliance regardless of whether they own and manage their own IT infrastructure and storage solutions or use the services of a cloud provider. Organizations need to be aware of the type of data they hold and all relevant compliance considerations that may apply to it, for example protected personal information and financial information.

While specific demonstrations of compliance vary according to the compliance ability, it needs to be clear within the cloud service provider agreement the measures that the provider has in place for compliance.

4. Business continuity management

As organizations become globalized and inter-dependent, their ability to continue business 24X7X365 is one of the essential needs. Hence, companies should insist on a business continuity plan and periodic test assessments from the cloud service provider. Generally, this is established practice, as is providing proof of business continuity exercises every quarter. SSAE16 certification – the auditing standard for service organizations – covers some part of this.

Cloud storage and applications provide compelling business benefits around cost savings, efficiency and collaborative working. Companies dependent on cloud service providers for the integrity and security of their data need to have complete confidence in their provider. This means shared and agreed risk management processes that will help preserve and protect the security of the company’s information and safeguard the integrity of its operations.

By Vibhav Agarwal

Vibhav Agarwal

Vibhav Agarwal is the Director, Product Marketing at MetricStream.

Vibhav has 11+ years of progressive experience in Enterprise product marketing, sales management, ERP & CRM program planning and delivery, software vendor selection and implementation across Hi-Tech, Trading & Capital Markets and Internet domains. Worked extensively in various roles dealing with multinational conglomerates as well as mid-sized companies like Info Edge India, in deals ranging between 0.5-30 million USD. Exposure to all stages of product and IT applications, sales & marketing, product management, and enterprise implementations.

View Website

RESOURCES

10 Prototyping Tools To Help Build Your Startup

10 Prototyping Tools To Help Build Your Startup

Prototyping Tools We are continuing this week by focusing on startup tools, tips and tweaks that will help you build, design, manage and market your way into the cloud based business that you want to be. Last week we offered a ...
How Security Certification Helps Cloud Service Providers Stay Transparent and Credible

How Security Certification Helps Cloud Service Providers Stay Transparent and Credible

Security Certification Helps Cloud Service Providers If you are a cloud service provider (CSP), you know your customers have a choice as to who to work with, but do you know what will help tip the scales in your favor? ...

SPONSORS

The Benefits of Cloud-Based Phone Systems

The Benefits of Cloud-Based Phone Systems

Cloud-Based Phone Systems Although today’s businesses rely on a host of modern technology, the century-old telephone call is as essential ...

Cloud Community Supporters

(ISC)²
AWS
HPE
CA Technologies
Cisco

Cloud community support comes from sponsorship, service opportunities and collaborative network partnership initiatives.

"Top 100 Brand Influencer, Cloud”
-ONALYTICA

"Best Cloud Computing Blog"
-SYSADMIN MAGAZINE

"Top 10 Sites For Cloud Computing"
-DIGITALISTMAG SAP

"Top 10 Cloud Computing Blogs”
-MARKETING ENVY

"Top 25 Must Read Cloud Blogs"
-CLOUDENDURE