We are free of charge but before you start please donate $5 to help others! Help us. Make a Difference.
Helping others is the first step in making the world a better place and improving the lives of those who aren’t as lucky as you. But it’s also shown to bring about a wealth of benefits for those who choose to help and might just be the key to happiness! We are helping all over the world.
Ameesh Divatia is Co-founder & CEO of Baffle, Inc., with a proven track record of turning innovative ideas into successful businesses.
Infrastructure has been in the headlines recently as the White House is aggressively making plans to modernize road, broadband, water and manufacturing needs. The recent bipartisan Senate agreement for a $1 trillion infrastructure deal is the latest example of this trend. With infrastructure top of mind, it reminded me of how companies must address new challenges to help them adjust to working in a cloud environment.
Growing pains have emerged, with many organizations moving to the cloud for business continuity since the start of the pandemic. Sometimes expediency takes precedence, and flipping the switch from an office setting into a virtual workplace pushes cloud infrastructure hygiene to the “we’ll get to it later” category. That has certainly been the case over the last 18 months. However, cybercriminals view such oversights as opportunities and will stop at nothing to steal vulnerable data.
Here are some ways companies can build a secure cloud infrastructure that will position them to take full advantage of the many benefits cloud migration has to offer:
1. Implement a DataSecOps approach.
It is infinitely easier to prevent potential challenges than it is to deal with them after the fact. That’s the basic premise of a DataSecOps approach, which calls for IT and data scientists to work together as the cloud infrastructure is built and includes data protection as an integral part of every decision. By weaving privacy and security into the cloud infrastructure’s DNA, companies are taking the proper measures to protect data at all times.
MORE FOR YOU
2. Differentiate between security and privacy.
Sometimes the terms “security” and “privacy” are used interchangeably, but it is vital to understand the nuances between the two when building a secure cloud infrastructure. Data privacy is associated with ensuring that personally identifiable information (PII) stored in the cloud is hidden. Privacy regulations, such as the EU’s GDPR and the California Consumer Privacy Act (CCPA), dictate what data is considered private and that the data remains pseudonymized at all times.
Data security, on the other hand, pertains to specific protections that have to be built into the infrastructure to prevent data from being stolen. Building a secure cloud infrastructure is predicated upon understanding the right mix of privacy and security measures, which can vary based on an organization’s industry and the specific regulations to which it must adhere.
3. Define and understand responsibilities.
Many organizations aren’t clear on how to protect data in the cloud. The natural assumption is that the cloud provider will handle security, but that is not the case. When migrating to the cloud, most providers lay out a shared responsibility model for protection, meaning the provider is responsible for specific security areas and the company is responsible for others. In most cases, the cloud provider is responsible for securing the cloud itself, while the user is responsible for protecting the data that resides within.
4. Incorporate a data security mesh.
With much of the workforce going remote — and supported by the cloud — protection can no longer be a “secure the perimeter” strategy. Every element of the infrastructure, application, network and data store must be individually protected, leading to the concept of a data security mesh. With its any-to-any connectivity capability, data records are protected regardless of the cloud or the data store where it originates, where it is or how it is being stored or processed.
This is a relatively new strategy, so it is critical to vet potential technology partners stringently and ensure they have a track record of protecting data at the record level.
5. Protect the data analytics pipeline.
Data analysis represents unprecedented opportunities to gain insight into customer needs, potential product improvements and emerging industry trends. However, data’s value is tied directly to an organization’s ability to process it, so it is necessary to employ appropriate protection methods from the moment unstructured data is ingested into the pipeline through its refinement downstream — where the data’s value emerges.
Depending on where data is in the pipeline, approaches like data masking, encryption and tokenization can make data unreadable to those without authorization to access it. So, should a breach occur, the data is of no value to someone wishing to steal it.
The mass cloud migration represents one of the most monumental business shifts and, as with any change, adapting to it takes time and results in challenges. Building a secure cloud infrastructure requires a new way of thinking about data protection. However, with the potential value cloud data represents, the investment will pale in comparison to the return on investment fully protected data can yield.