Technical Cloud Security: Data protection in the cloud
This is the fourth in a series of videos and blogs looking at some technical aspects of hybrid cloud security. Today we will discuss the need for data protection in the cloud. Other videos in the series can be found by searching for the tag cloudsectechvideos.
Some of the challenges that organizations are faced with when moving into the cloud are around how to protect corporate data, and what will happen to that data if the organization were to be breached. Before the decision to move into the cloud is made, a full data classification needs to take place to allow the organization to understand where their core assets are located, and what the impact of moving the data into the cloud would be. It’s important to take into consideration the value of the data both to the business, but also to cybercriminals, and understand how that data relates to the compliancy regulations that the organization will need to comply with.
Data encryption can provide a solution to many of the worries that organizations have, but any approach to data encryption needs to take into consideration data at rest, data in motion, and data in use. Traditional approaches to data security have tended to focus on individual aspects of the data security lifecycle, often leaving gaps in the approach, which could theoretically leave the cybercriminal with access to data that he otherwise shouldn’t be able to see.
Read the entire article here, Technical Cloud Security: Data protection in the cloud
via the fine folks at HP Enterprise.