The first blog of this series discussing the role of data security in the cloud can be found here.
In 2014 and onward, security professionals can expect to see entire corporate perimeters extended to the cloud, making it essential to choose a service provider that can deliver the security that your business needs.
While organizations can let business needs trade down security we’ve begun to see how a recent slew of data breaches are encouraging greater vigilance around security concerns. For example, a recent CloudTweaks article highlights the need for organizations to be confident in their choice of cloud providers and their control over data. IT leaders have the power to control where sensitive information is stored. They also have the power to choose how, where and by whom information can be accessed.
Institute Control By Asking the Right Questions
However, adding to fears about ceding the control of data to the cloud is lack of transparency and accountability about how cloud hosting partner/ providers secure data and ensure a secure and compliant infrastructure. Cloud consuming organizations often don’t ask enough questions about what is contained in their service-level agreements, and about the process for updating security software and patching both network and API vulnerabilities.
Organizations need reassurance that a cloud provider has a robust set of policies, process and than is using automated as well as the latest technologies to detect, thwart and mitigate attacks, while in progress as well as be prepared to mitigate after an attack.
Tags: 2014 annual security report, CIO, Cisco Security, Cisco Security Grand Challenge, CiscoCloud, CiscoSecurityGrandChallenge, cloud, cloud security, cloudtweaks, data security, Gartner, InternetofEverything, IoT, ITaaS, Network World, SecChallenge, security, Service Provider