Another major source of cloud data
loss? Improper identity, credential and
access management, which can enable
unauthorised access to information via
unprotected default installations.
Now that we have the bad news out the
way, how about some good news? To
combat these threats, there are a few
standard best practices IT teams can
focus on to secure the modern day
cloud. First and foremost, IT should
focus on controls and data management.
Security starts with process:
Controls and data management
To start a cloud security strategy off on
the right foot, the right controls for cloud
architecture need to be in place. Cloud
security controls provide protection
against vulnerabilities and alleviate
the impact of a malicious attack. By
implementing the right set of controls,
IT teams can establish a necessary
baseline of measures, practices and
guidelines for an environment. These
controls can range from deterrent and
corrective to preventative and protective.
In tandem with controls, IT teams need
to establish a process or system for
As the use of cloud
services grows,
it is critical to
understand how
much data now lives
in the cloud.
continually monitoring the flow of data,
since insight into data and how it is
managed is vital to the success of any
cloud security strategy. A robust data
loss prevention (DLP) tool can help
organisations secure data by extending
on-premises data loss prevention
policies to the cloud for consistent DLP,
protecting sensitive data wherever it
lives, tracking user behaviour and more.
Solving for visibility, compliance
and data protection
When it comes to securing data in the
cloud, visibility and compliance must be
top of mind for IT teams as well. Teams
need to gain visibility into the entirety
of applications and services in use, as
well as have proper insight into user
activity to have a holistic view of an
organisation’s existing security posture.
They also need to be able to identify
www.intelligentciso.com | Issue 27
75