How Enterprises Can Deploy Cloud Services More Securely

1 of 10

How Enterprises Can Deploy Cloud Services More Securely

Nothing in last year's news exposed IT security weaknesses more clearly than the 2016 U.S. presidential election. When you add up Hillary Clinton's emails, John Podesta's public Gmail and Twitter accounts, and WikiLeaks publishing thousands of emails from sources yet to be named, it's clear that if attackers can gain access to such highly sensitive accounts, they can hack into any organization. Meanwhile, enterprise IT is going through a massive shift as the digital transformation to cloud services continues. In this eWEEK slide show, using industry information from cloud storage provider CTERA Vice President of Marketing Tom Grave, we offer tips on how enterprises can minimize the risk of data breaches as they plan cloud strategies. CTERA specializes in the digital transformation of enterprise file services.

2 of 10

Don't Put a Bull's-Eye on Your Data

Think about approaches that minimize the target value of an organization's data. Consider deploying services on virtual private clouds or internal/on-premises systems, entirely within a firewall, keeping information away from the spotlight of highly visible SaaS targets.

3 of 10

Protect Corporate User Identities or Metadata

User identities are subject to hacking; enterprises must protect their corporate user identities since loss of user identity is likely to result in loss of the user's corporate data. Similarly, collecting evidence on the existence of data and its properties can pose a threat as much as losing the data itself. Some cloud-storage solution providers do not adhere to this strategy and keep all of their customers' metadata centralized in a public place, thus indirectly requesting enterprises to put their faith in them, which poses a significant risk to data confidentiality and integrity.

4 of 10

Avoid Saas Providers That Generate and/or Manage Encryption Keys

Encryption keys generated in unencrypted servers can provide attackers with easy access enterprise data. Similarly, having your SaaS provider manage your keys increases your susceptibility of losing control of your data. While cloud services providers boast high security, including physical protection of hosting facilities, electronic surveillance and ISO 27001 certifications, many provide no protection against government data requests, blind subpoenas or clandestine spying. Make sure you own user identities, metadata and encryption keys to ensure the highest levels of data privacy.

5 of 10

Control Your Endpoints and Offices

Use enterprise mobility management (EMM) tools to eliminate shadow IT and create secure productivity spaces within corporate-provided and BYOD devices. Encrypt all data at the source to ensure the greatest levels of access of file security.

6 of 10

Lock Down External Collaborator Access

Implement strict policies to enforce what data can and cannot be uploaded in a file sharing environment, control what domains/emails can and cannot be emailed to, and audit all accesses to ensure there are no anomalistic events. Data loss prevention (DLP) tools can be used to restrict access behaviors.

7 of 10

Improve Password Security

Set rigorous policies around password strength and refresh rates. Consider adding multifactor authentication that will require the user to use a combination of something they know like a static password and something they have such as a smart card or a token that generates a one-time password.

8 of 10

Know Your Data Protection Options

Understand the limitations of cloud services to recover data lost in the event of an attack, user error, etc., as part of your vendor's service-level agreements. Ensure that you protect data residing in the cloud, meaning back up your SaaS applications, as well as services and applications running on a public cloud infrastructure as a service (IaaS) as part of an organizational strategy for backup/recovery of data in all locations (on-premises and in-cloud).

9 of 10

Investigate Multicloud Strategies

When organizations run applications on multiple cloud services rather than relying on a single vendor, they reduce the risk of a vendor's service outage, which could cause them significant issues and downtime. This is a critical component of a cloud strategy that enables organizations to preserve cloud optionality while strengthening their business continuity models.

10 of 10

10 Vendors Jumping on the Kubernetes Bandwagon

The open-source Kubernetes project has grown significantly in recent years and now benefits from commercial support from multiple vendors.
Top White Papers and Webcasts