In my previous post, I highlighted several challenges that make Cloud-based security a matter of constant vigilance. In this post, I’d like to offer some solutions that can help your organization meet these challenges and stay secure in the Cloud.
These security solutions make good business sense, because they help you function more effectively in today’s world. For example, they can help you:
- Protect internal data: You want to give employees easy access to company information that makes them more productive. But you also need to protect any data that is accessible via the cloud. Virtual private networks, or VPNs, allow you to place your internal applications behind a firewall that is accessible only by authorized users. They can be very effective in protecting your organization’s data. But that protection is only as good as the sign-on procedures. Simple password-based systems do not provide adequate protection. More sophisticated systems that support a variety of authentication methods – such as two-factor authentication or biometrics – are more effective.
- Protect customer and partner data: You’ve read about the famous and highly embarrassing cases of hackers capturing sensitive information such as customer-related data. These episodes can seriously damage your credibility with customers and business partners, and violate data privacy laws. But data loss prevention software can help ward off attacks by detecting any breaches of your Cloud-based system and preventing hackers from accessing critical data.
- Deliver faster insights: More and more organizations are discovering the value of delivering real-time analytical insights via mobile devices. But a mobile business intelligence strategy requires a high level of security. Mobile Device Management (MDM) software helps ensure that all devices used by your team – including BYOD devices – are protected by data encryption and other configuration settings. In addition, it can ensure that any device may be immediately wiped clean in the event of loss or theft.
- Provide role-based access: Different employees require different data access clearance. But how do you enforce role-based policies so that each employee gets the data he or she needs – while preventing unauthorized access to critical applications? Among the challenges to consider are:
- Role changes: When an employee changes roles due to a promotion or other reason, they may need new permissions. In addition, they may need to have their previous permissions revoked
- Temporary duties: When an employee fills in for a colleague or takes part in a special assignment such as year-end closing, they may acquire new access privileges that need to be revoked when that temporary assignment is finished. For example, a purchasing manager may need to step in for a colleague who is authorized to create new vendors within the system. That PA could now potentially create fictitious vendors and direct purchase orders to them, resulting in a security risk. To minimize such risks, your systems need to enable frequent compliance checks for all roles – especially those that involve access to critical business applications such as ERP.
- Outgoing employees: When an employee leaves, he or she could retain access to the organization’s systems for months or even years to come. Your systems need to provide for immediate termination of privileges
- Protect against malware: Malware can damage workflows and compromise productivity. So every Cloud-based environment should be equipped with software that continually detects and prevents malware attacks. Because malware continues to grow more sophisticated, prevention systems should be updated on a daily basis.
While these solutions may seem a bit technical, even non-tech executives should be aware of their existence – and their advantages. And if your Cloud provider does not offer most or all of them, you should ask them why.
Have You Read this Report?
If you haven’t yet read “Protecting the Cloud” by Oxford Economics, I highly recommend it as an excellent introduction to the most critical issues of Cloud security. To download a complimentary copy,