Ever looked closer at what everyone seems to be saying about the cloud, everything that comes from people’s mouths is only the good side. Well the pleasure is ours in telling you some of the hard truths that you won’t hear much but will probably have you crying if your foot lands on the wrong place.
3 ways to screw up data security in the cloud
Here are the three key mistakes enterprises make around cloud data security, and how to avoid making them.
Mistake 1: Failing to understand the data you need to protect
Your data security must match the type of data you are securing. Data security approaches are vastly different, depending on the types of data that you are managing. If you try to use a single security model on all your types of data, you will likely spend more than you should, under protect your data, or violate its legal and compliance requirements — or any combination of these three risks.
Mistake 2: Failing to consider data in flight
Many enterprises encrypt the data at rest (that is, stored) but fail to deal with data in flight (that is, moving from place to place). Unless properly protected, data in motion on a network can be easily read by hackers or unauthorized employees.
Mistake 3: Failing to bind data security to other security levels
Data security should be part of a larger security strategy and technology set. So take the time to figure out how to link to other security components and models. If you don’t link the specifics of data security to the overall security strategy and implementation, you’ll end up with vulnerabilities. Remember, security needs to be holistic and proactive…read more here
Often, IT outsourcing gets you a company that has figured a fix-it-all service that will have all your security and storage issues resolved as soon as you sign the contract. The truth about such companies is they usually do not know much about the cloud and security issues as much as they think they do. It is usually better to go for one company that acknowledges this hard to swallow fact.
Sorry, but there’s no universal cloud security solution
I often hear about cloud-based security solutions that solve all security problems. It’s a simple fact that such an animal does not exist.
Why? Because the problem domains are just too different. Therefore, security requirements are different as well. If you try to push the same security solution across all workloads, you’ll find it doesn’t work across them all — and that’s if you’re lucky. If you’re not lucky, you won’t know until it’s too late where the solution doesn’t work.
Your applications are built with very different programming engines, databases, and middleware, and all those attributes help determine the type of security solution you should use. That brings in (necessary) complexity, which makes using “standard” security tools and processes an impossibility most of the time….
…Today’s best model for security includes the use of identity and access management (IAM), which is based largely on the requirements of the workloads. IAM systems are very configurable, so they can be different things to different cloud workloads. That’s a good thing, but it means you’ll have to do a lot of customizing because nothing will work out of the box…
…You should expect to deal with dozens of security tools and models to get security right for your cloud projects — just as you should for your on-premises technologies. There’s no free lunch….read more here
It’s not too bad as soon as one agrees to the sad facts discussed in the body above, security is becoming one of the most crucial elements when handling any type of data, especially in the cloud.