5 Tips for Developing a Cloud Security Strategy - InformationWeek
IoT
IoT
IT Leadership // Security & Risk Strategy
Commentary
3/9/2018
07:00 AM
Larry Alton, business consultant
Larry Alton, business consultant
Commentary
50%
50%

5 Tips for Developing a Cloud Security Strategy

If you are getting started with the cloud or just concerned about security, here are five steps to consider in your security strategy.

While the cloud may be innately more secure than on-premise storage, it’s not foolproof. As recent incidents have shown, hackers have ways of compromising cloud data and running otherwise healthy businesses into the ground. If you don’t have a cloud security strategy, you’re becoming increasingly vulnerable to the possibility of an attack. Coming up with a plan can greatly reduce risk.

Developing a robust cloud security strategy

You may assume that your greatest cloud security risks involve choosing the wrong cloud solutions and working with vendors that fail to offer maximum protection, but the onus is actually on you. Gartner research shows that, through 2020, 95% of cloud security failures will be the customer’s fault.

Coming up with a robust security strategy will help you avoid common security failures and enjoy the freedoms and advantages that come with operating in the cloud. Here are some pointers:

Involve all key stakeholders. Securing your business in the cloud is a lot like building the hull of a boat. A single hole – no matter the size – can sink what is otherwise a perfectly built ship. In terms of cloud security, a failure to account for all stakeholders and how they’re involved with your organization will lead to a compromised strategy.

Identify vulnerabilities. You don’t help anyone when you ignore the risks your company faces. Put all vulnerabilities on the table so that you can create a strategy that accounts for both your strengths and weaknesses.

Invest in regular training. The cloud is continually changing, which means our stance on cloud security should be evolving as well. You can’t just implement a cloud security strategy and then let it run its course. In order to stay secure, your employees need to go through regular training.

The key here is to make sure the training sticks. While it may seem odd or archaic in today’s learning environment, it’s actually better to go with printed training materials over electronic modules. Research shows that screens inhibit reading comprehension and knowledge retention, whereas paper-based content produces greater results. Creating training booklets and disseminating them to employees is a good way to keep employees abreast of what’s happening.

Prioritize data privacy.  Data privacy isn’t something you can play around with. Depending on the industry you’re in, which local and state laws apply, and what different regulatory bodies demand, you may be limited in terms of the customer data you can store and how you store it. Keep this in mind when brainstorming a strategy.

Use a layered approach to security. The only realistic way to keep your business secure in the cloud is to take a layered approach that safeguards you in the instance that one or more high risk scenarios unfold.

“Deploy private connectivity instead of a regular internet pathway to a cloud provider’s network,” Charles Cooper writes for CSO. “At the same time, protect all of your mobile endpoints with anti-virus and anti-malware applications. Lastly, add EMM (enterprise mobility management) to track and disarm mobile devices that get stolen or lost.”

It’s also a good idea to encrypt all stored data so that valuable information doesn’t end up in the wrong hands if the cloud is breached.

Don’t skimp on security. It’s not enough to transition your business to the cloud. If you’re going to invest in the cloud, you also need to invest in cloud security to protect your data and promote privacy. Hopefully, the advice in this article will give you the information you need to get started.

If you feel like you’re underprepared, you may consider working with a security consultant to ensure you get things moving in a positive direction from the start.

Larry Alton is an independent business consultant specializing in tech, social media trends, business, and entrepreneurship. Follow him on Twitter and LinkedIn.

The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
AI & Machine Learning: An Enterprise Guide
James M. Connolly, Executive Managing Editor, InformationWeekEditor in Chief,  9/27/2018
Commentary
How to Retain Your Best IT Workers
John Edwards, Technology Journalist & Author,  9/26/2018
Slideshows
10 Highest-Paying IT Job Skills
Cynthia Harvey, Contributor, NetworkComputing,  9/12/2018
Register for InformationWeek Newsletters
Video
Current Issue
The Next Generation of IT Support
The workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll