Taking a Data-Centric Approach to Cloud Security
The pandemic and resulting migration to remote work emphasized the importance of having a digital transformation process in place. The companies that did so appeared to be the companies that had the smoothest transition. Cloud computing played a pivotal role, allowing employees to have the access they needed to do their work.
The downside was the lack of cybersecurity effort. McKinsey research found that 70% of CISOs saw their budgets shrink in 2020 and, while they’ll ask for more help in 2021, they expect their budgets to go down, regardless. At the same time, Trend Micro reported nearly a quarter of all organizations were hit with seven or more cyberattacks last year, and 83% believe those attacks will be successful in the coming year. One of the top areas of the IT infrastructure at risk is the cloud and, in turn, the data in the cloud.
Concerns about cloud computing security come as data becomes a more valuable asset. Gartner reported that by 2020, 90% of companies will “explicitly mention information as a critical enterprise asset and analytics as an essential competency.” That’s a sharp change from the 50% who put such a value on data in 2019.
As the value of data rises (not to mention the increasing regulations surrounding data privacy) and cloud infrastructure becomes more vulnerable to cyberattacks, security teams need to rethink their approach to protecting information, especially as the workforce continues to work remotely. One solution is to use a data-centric approach to cloud security.
Security at the Data Level
Security at the data level has never been more important. While many organizations have layered information security technologies at the office, there are still gaps in this new distributed work environment. Data-centric security can do a lot to close those gaps.
Traditional security approaches primarily aim to fortify the network perimeter, and are predicated on the fact that there is a defined boundary within which the data will stay, explained Dr. Anhad Singh, PKWARE’s Global Technical Leader, Partners, in an email interview.
Remote work, on the other hand, challenges this notion, because when accessing data from any remote location in the world, employees are effectively stretching the enterprise network to remote machines that may or may not be secure. Furthermore, remote work means that the organization’s data is now flowing across borders and potentially subjected to a variety of different compliance laws and unknown breach threats.
“So, rather than only securing the network or at the source repository, it is critical that the data itself be protected via masking, encryption, tokenization, redaction, etc.,” said Singh. “This way, even if the data is lost or stolen, it is still useless because either the bad actors cannot re-identify the protected data, or the data has been stripped of all the sensitive and personal information.”
Improving Cloud Security
The cloud is ubiquitous, so no matter where you are, access to your cloud data is guaranteed. However, the safety of the system or network you are using to access the cloud data is an unknown.
“By centering the security on data itself, you are ensuring that either all the personal and sensitive data is stripped, or if it does exist, that only the authorized users can see the data, even though it may be flowing through unprotected networks,” said Singh.
Because you can’t manage what you cannot see, said Singh, the first step in the journey of cloud data protection is finding and taking inventory of exactly what data exists, and where.
“This is crucial, because understanding this allows security teams to build and implement the right controls,” he said. “The real data should not exist, so data masking and/or redaction is a better strategy than tokenization or encryption that is much more suited to production environments.”
Also, ongoing monitoring can help to proactively detect and block unauthorized access, and the collection of sufficient metadata is useful for forensics in case some unauthorized activity goes undetected.
Data management is key to protecting data in the cloud. Modern data management solutions should incorporate vulnerability management tools, explained Trevor Bidle, CISO for US Signal, in an email comment.
“Best-of-breed solutions should utilize threat intelligence to become proactive and identify and prioritize vulnerabilities dependent on their criticality. This allows companies to recognize their systems’ weak points and rectify them before the cybercriminals spot them,” Bidle said.
Finally, companies should consider cloud tools like disaster-recovery-as-a-service (DRaaS) and automatic data backup archive-as-a-service (AaaS) to address data-centric protections. “AaaS benefits from the ability to render data immutable to protect it from cyberattacks – and securely store data without increasing bandwidth costs,” said Bidle.
As the danger of cyberattacks continues to grow in the new year, it is important to revisit your data management and security strategies. This will help you stay one – or more – step(s) ahead of digital adversaries, and ensure your most valuable asset will stay protected and secure.
