(Corporation, 2015)”As more companies embrace the cloud, IT executives must be ready to protect information in the cloud”, the IT model continue to change to providing of information on a “just-what’s-needed”, “just-in-time” basis from a centralized servers consolidated in the cloud. As this development is happening, IT data are being migrated to the new client-server. In many ways, it is a very different world, involving technologies linked to the cloud as well as the cloud itself. IT research groups refer to it as “Nexus of Forces”: cloud, mobile, social, and information. While Market Research organization such as IDC calls it the “3rd Platform.” Whatever tag is used, most analysts agree that the convergence of mobile computing, social networking, cloud services, and big data analytics has fundamentally altered the way we do business and live our lives. The step that organizations are embracing is adoption of the cloud as the platform of choice and adopting new technology realities for data storage. They are admitting that they no longer own or manage most of their applications because apps such as Sales force, Box, and Office 365 now do it in the cloud. IT organizations are also beginning to contract out management of their infrastructures because, to stay competitive, they need to take advantage of the benefits provided by cloud vendors such as Amazon and Rackspace.
Yes, the cloud is quickly transforming the way business gets done. Even though all this processes are new, business leaders are developing strategies to achieve information protection in the cloud. Following is a framework IT executives can use to keep their information secure.
Cloud security relies on three keys which are identity protection, data protection and Correlation Engine. in other to have a successful strategy for data security this keys will have to be put into a high consideration to produce a quick automated responses for a bridge in the cloud.
ID protection is the step of security. With security measure being taken, access are being restricted to authorize parties only and provide then with a flexible and transparent login steps. This process behind the authentication is easy and effective, and limit the risk posed by users. It enables analyst to identify the party responsible for the suspicious or risky action and access the data is being tempered with and device so that quick response can be taken to how to stop it from creating harms. But Identity protection alone is not enough. Data must be protected, as information is everywhere.Therefore strategy must be developed to protect by including a cloud-friendly information protection. Providing only the relevant information to right users only. ‘A correlation engine enables detailed tracking and correlation of activities by users’. This should not only associate identity-centric and data-centric but also context or intelligence.Identity and data intelligence should be developed with context increases in quick detection, that can generate actions to quickly rise notification.
Secured organization, mostly the ones that adopted the hybrid cloud model, do have upper hand in quick detection and injecting prevention measures in the network, which in a best-case scenario, protects information by monitoring access attempts and tracking how data is being used as strategy that identifies external threats and analyze activity on endpoints, with regular evaluating processes for improvement and continually enlightening employees to update their security IQs.
Reference:
Corporation, S. (2015) WHITE PAPER: PROTECTING CORPORATE INFORMATION IN THE CLOUD .Available at: https://www.symantec.com/content/en/us/enterprise/white_papers/protecting-corporate-information-wp-21354920.pdf (Accessed: 20 June 2016).