Key factors to achieve data security in cloud computing – TechTarget

Just about every company uses some sort of cloud computing today, and it’s easy to understand why. The cloud increases scalability, flexibility and collaboration — often while cutting costs and improving efficiency.

The cloud is not without its challenges, however — especially when it comes to data security.

Why is cloud data security important?

Data security in cloud computing is critical, regardless of whether it is in public clouds or private clouds. Compliance and privacy violations, cloud service provider (CSP) breaches or exposure and accidental misconfigurations of cloud services and data storage objects that could lead to data breaches and illicit data access are just a few of the many data security issues enterprises confront when they deploy applications and sensitive information into the cloud. Other threats that also affect on-premises environments, such as insider threats, also affect cloud computing security.

In order for organizations to reap the benefits of the cloud, they must be aware of the top cloud data security threats and challenges and how to mitigate them, as well as general and SaaS-, PaaS- and IaaS-specific cloud security considerations.

Top cloud data security threats and challenges

In its updated “Top Threats to Cloud Computing” research, the Cloud Security Alliance cited 11 key cloud security risks, among them the following three pertaining specifically to data:

  1. insufficient credential and key management
  2. accidental cloud data disclosure/exposure
  3. cloud storage data exfiltration

Data storage is a particularly thorny issue. Cloud providers employ a variety of data storage options depending on the types of cloud services in use. SaaS providers usually have large-scale storage with database implementations — in many cases, with little or no control over data protection afforded to customers — whereas PaaS and IaaS providers often offer individual virtual disk volumes, along with a variety of cloud-native blob, database and large-scale storage resources.

Additionally, enterprises have to choose among an assortment of controls, most of which are specific to the cloud service types and CSPs they use. Any cloud data security strategy must include the following:

  • evaluation of encryption types and availability;
  • encryption key management services and options available within the cloud;
  • data lifecycle and archival options;
  • backup capabilities;
  • data loss prevention (DLP); and
  • data storage monitoring.

Key components to ensure data security in the cloud

When devising a strategy for data security in cloud computing, keep the following general cloud security considerations in mind, as well as some specific SaaS, PaaS and IaaS considerations.

Multifactor authentication for every cloud

For all cloud environments, require multifactor authentication (MFA) for any privileged users accessing cloud services or performing administrative activities, at minimum. Ideally, require MFA for any end user accessing the cloud. Keep permissions and security controls up to date, and ensure security measures are documented in a cloud security policy.

Ideally, all SaaS cloud access should be brokered through a cloud access security broker, if possible, to enable DLP, content filtering, malware protection and …….


Posted on

Leave a Reply

Your email address will not be published. Required fields are marked *