Cyber security in a cloud world



Some useful advice for managing the security of your data in today’s increasingly cloud-based world.

A recent posting in Security Week begins by enumerating several benefits the cloud may provide to strengthen security – “unlimited storage capabilities for global threat intelligence and historical data, powerful processing capabilities for security analytics, and the ability to deploy security technologies to even the most remote outposts.” However, author Marc Solomon cautions that security teams need to “think about how attackers are now banking on the increasing usage of Software as a Service apps based in the cloud and the advent of Shadow IT to steal valuable digital assets.

Being able to understand and address the main security challenges cloud apps can introduce to your organization requires visibility into what data is stored in the cloud as well as the contextual factors of how that data is being accessed or used. To help the reader, he lists and explains several questions to ask:

  • Which cloud apps are employees using and what risks do they add?
  • What files and data are exposed through these cloud apps?
  • Can I control the sensitive data shared through cloud-based apps?
  • If an attack happens, can I get to the bottom of it and set policy to prevent future attacks?

File sharing is much more fluid in a cloud-based world. Hence, you need a comprehensive way to prevent sensitive data from being uploaded for inappropriate sharing. This visibility into data and activities provides the ability to detect anomalies, conduct further investigation and take quick and decisive action.

There’s no arguing that, as Solomon puts it, the cloud is “transformative in its impact to create new business models, enable more effective collaboration, and increase productivity and agility.” However, being able to take advantage of these features requires that business take measures to address the increased risk of malicious or accidental leakage of protected or other sensitive business-critical data within and beyond the traditional security perimeter – including cloud storage. Those measures will require a combination of the right technology, security policies, and an educated user base. As Solomon is quick to point out, this can only be achieved by creating an organizational security culture in which all stakeholders work together toward building a strong defense will be most likely to thrive under the immense pressures coming from cyberattacks.

Rosella Fernandez

Yansi keim (not verified) | November 10, 2015 7:03 am

With increasing usage of Software as a Service apps based in the cloud, increasing is the number of threats to this platform as well. What primary measures should be taken care for answering

1. Which cloud apps are employees using and what risks do they add?
2.What files and data are exposed through these cloud apps?
3.Can I control the sensitive data shared through cloud-based apps?
4. If an attack happens, can I get to the bottom of it and set policy to prevent future attacks?

Nate Lord | November 10, 2015 12:06 pm

Hey Yansi - good question. Here's another blog post on cloud security that covers many of the measures required: https://digitalguardian.com/blog/8-step-framework-secure-cloud-adoption

-Nate

Please post your comments here

Digital Guardian Data Loss Prevention

Read how Digital Guardian for DLP gives you everything you need to stop sensitive data from getting out of your organization. 

Read now

Related Articles
What is Cloud Security?

With more businesses running vital business computing functions in the cloud today, cloud security is a must as attackers seek to exploit vulnerabilities and gain unauthorized access to sensitive data. In this post, we’ll talk about the benefits of cloud security as well as some best practices to follow.

50 Cloud-Based Security Selection Tips

With more and more companies making the move to the cloud, security remains an utmost concern. Reviewing a cloud security solution? Ask yourself these 50 questions.

What is File Sharing Security?

Cloud storage and file sharing apps bring a many benefits to enterprises due to their scalability and convenience. However, when not managed properly, file sharing can have serious implications from a data security standpoint. Read on to learn about the risks of unmanaged file sharing and how companies can securely adopt file sharing systems.