CLOUDTWEAKS CONTRIBUTOR PROGRAM

Join the CloudTweaks thought leadership contributor program which includes a customized profile, branded identity page, newsletter marketing, social amplification and more...

The program is currently available to consultants, influencers or executive level contributors.

Daren Glenister

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud

More companies are turning to the cloud for storage. In fact, over 60 percent of organizations store sensitive information in the cloud, according to a recent Intel security survey. As a result, the risk of exposure through data leakage continues to increase, as well as the issue of cloud compliance.

How can enterprises ensure data remains secure amidst this rise of cloud computing? Below are some tips and best practices on how enterprises can stay compliant when using cloud storage and backup services.

  1. Classify data: Classifying high value, personally identifiable information (PII) is an important first step in knowing what an enterprise needs to protect. Classifying data such as dates of birth, social security numbers, and banking information allows access and security procedures to be increased based on the sensitivity of the data.
  1. Know where your data lives: As new regulations like the General Data Protection Regulation (GDPR) are rolled out, knowing the physical location of where enterprise data is stored will be critical to keeping data safe. It’s equally important to also know how to protect data once it leaves a device. Too much emphasis is placed on securing data at rest, and not enough on data in motion. As companies expand and operate in multiple countries, we should expect to see a rise in protecting data that’s on the move.
  1. Vet your vendors: As new data privacy regulations are implemented, enterprises must maintain continuous compliance. Gone are the days when compliance was a one-time exercise. Ensuring cloud vendor compliance will be particularly challenging for companies operating in multiple countries, as regulations vary from region to region. Companies need to stay on top of their vendors to ensure they not only disclose where data is stored but where it is processes also, they may not be the same, and businesses can no longer assume their data is safe or compliant when outsourcing to a service provider.
  1. Have an incident response plan in place: Regardless of industry — healthcare, government, education— it shouldn’t be a matter of preparing for the possibility of a cloud provider to fail in their responsibilities, but rather, the likelihood of one. By defining and implementing an incident response plan, enterprises can avoid a blame game and know who is ultimately responsible for remediating the problem from the get-go.
  1. Utilize Information Rights Management (IRM) technology: As criminals continue to target PII within corporate networks, IRM technology can be a critical tool for protecting data and maintaining compliance. This technology protects sensitive data by embedding encryption and user permissions directly into the file, instead of the systems around it. This ensures safety throughout the lifecycle of the document, both at rest and in motion and allows data to be protected in the event of a leak.
  1. Uphold a single ‘source of truth’: Whether you’re sharing data internally or externally, it’s important to maintain a single ‘source of truth’ by minimizing the number of copies shared through secure collaboration tools. This allows individuals to securely collaborate and prevent multiple copies from being distributed – reducing both the threat surface and the chance of data leak. Watermarking documents can also help an organization quickly track down the source of a data breach to minimize its effects.
  1. Encrypt data, no matter where it resides: Encrypt sensitive data 24×7, whether at rest or in motion. This isn’t a ‘nice to have’ technology; both PII and other sensitive information needs to be encrypted. Why? Encryption is your last defense against cybercriminals phishing for your privacy. When all other attempts at protecting data fail, encryption is every organization’s last hope to protect its most sensitive data from being an unwilling participant in the hacker’s game of breaches.
  1. Get smarter about passwords: By accessing just one single username or password, hackers can communicate with hundreds of others and appear credible. That gives them time to navigate within a company until they reach the target— the person who has administrative access to data. If cybercriminals get their hands on a CEO’s credentials, they can send out emails to the executive team telling them to take certain actions, all without the CEO ever having a clue. Knowing the consequences can help put into context the importance of protecting data.
  1. Set permissions: By setting user permissions on a need-to-know basis, companies could significantly reduce the chances of copying and pasting data (which can easily slip into the wrong document or email address). For example, if the IT team sets default permissions in a document-sharing platform as ‘editor’ rather than ‘viewer,’ a lot of sensitive data could slip through the cracks.
  1. Educate, educate, educate: Last, but not least, it’s crucial to spread awareness throughout the organization. Can your employees spot a phishing email? Are they still using spreadsheets to store password information? From employees to board members to vendors, there’s no such thing as too much education. The first step to preventing data leaks is knowing the potential consequences, as well as best practices, to prevent the spread of attack.

Apart from the fundamental and basic steps organizations need to follow to secure data (like network firewalls and endpoint protection tools), enterprises implementing the above best practices will prevent their chances of leaking highly sensitive data stored in the cloud.

By Daren Glenister

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website
The Lighter Side Of The Cloud - Cloud Holiday
The Ligther Side Of The Cloud - Speed Browsing
The Lighter Side Of The Cloud - The Crash
The Lighter Side Of The Cloud - Brain Cramp
The Lighter Side Of The Cloud - Metcalf
Why ‘Data Hoarding’ Increases Cybersecurity Risk

Why ‘Data Hoarding’ Increases Cybersecurity Risk

Data Hoarding The proliferation of data and constant growth of content saved on premise, in cloud storage, or a non-integrated ...
Imminent IoT Eye-Tracking Technologies To Transform The Connected World

Imminent IoT Eye-Tracking Technologies To Transform The Connected World

IoT Eye Tracking Smelling may be the first of the perceptible senses, but the eye is the fastest moving organ ...
When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

The Communications Cloud As more and more real-time communications – whether voice, messaging, video or collaboration – move to distributed software ...
Legal Tech - How to Create Long-Term Growth for Your Practice

Legal Tech – How to Create Long-Term Growth for Your Practice

Legal Tech Your Practice Your law firm is a business. Like all businesses, growth and profitability is paramount. You want ...
Wearable Tech For Those With Disabilities: Shaping the Future

Wearable Tech For Those With Disabilities: Shaping the Future

Wearable Tech For Those With Disabilities Wearable tech is one of the most exciting aspects of the rapidly growing tech ...
How prepared are you to overcome the misuse of AI

How prepared are you to overcome the misuse of AI

Overcome the Misuse of AI Have you ever considered that the AI system integrated into your organisation's computing infrastructure could ...
Rainmaking From The Cloud - CIOs Struggle To Keep Pace With IT Demands

Rainmaking From The Cloud – CIOs Struggle To Keep Pace With IT Demands

Rainmaking from the Cloud In the digital era, where customers can select virtually anything with a click of a button, ...
How Security Certification Helps Cloud Service Providers Stay Transparent and Credible

How Security Certification Helps Cloud Service Providers Stay Transparent and Credible

Security Certification Helps Cloud Service Providers If you are a cloud service provider (CSP), you know your customers have a choice as to who to work with, but do you know what will help tip the scales in your favor? ...
Network Management Software Buyer Guide 2018

Network Management Software Buyer Guide 2018

This concise data-driven report covers the Network Management software landscape, as of August 2018. he 24-page report includes: Market Overview - Top 10 Network Management products in 2018, User reviews and vendor size data, In-depth look at the Top 3 ...
Business Analytics Vs Data Science

Business Analytics Vs Data Science

Big Data Continues To Grow Big Data continues to be a much discussed topic of interest and for good reason.  According to a recent report from International Data Corporation (IDC), "worldwide revenues for big data and business analytics will grow ...
Infographic - Internet of Things (IoT) Will Be Top Technology Investment

Infographic – Internet of Things (IoT) Will Be Top Technology Investment

Internet of Things Investment Investors are jumping all over the opportunities abound when it comes to the Internet of Things and Big Data. There is simply way too much money at stake to ignore the potential that is going to truly ...
Machine Learning Open-Source Tools

Do More With Machine Learning Thanks to These 6 Open-Source Tools

Machine Learning Open-Source Tools We are in the middle of a machine learning, AI and big data renaissance — at least, that’s what we’re calling it. Seemingly everyone is interested in this technology these days, and for a good reason ...
Gartner’s Top 10 Predictions For IT In 2018 And Beyond

Gartner’s Top 10 Predictions For IT In 2018 And Beyond

Gartner’s Top 10 Predictions For IT In 2018 In 2020, AI will become a positive net job motivator, creating 2.3M jobs while eliminating only 1.8M jobs. By 2020, IoT technology will be in 95% of electronics for new product designs ...