Protecting Data in the Cloud

Julian Weinberger, Director of Systems Engineering, NCP engineering

435

725

151

Join CIOReview Contributor Network

Julian Weinberger, Director of Systems Engineering, NCP engineering

According to Cisco, 69 percent of all applications will reside in the cloud in 2017. As more information flow non-stop between physical mobile and Industrial Internet of Things (IIoT) devices to virtual repositories in the cloud, corporate IT departments struggle to manage and protect all that data.

A look at the Ponemon Institute 2016 Global Cloud Data Security Study revealed organizations still have plenty to do when it comes to data security. The study found that nearly half of cloud services in the enterprise are outside corporate IT’s domain, while around 47 percent of corporate data stored in cloud environments are not managed by the IT department.

Cloud computing is attractive to enterprises for cost efficiency as well as its flexibility in allowing employees and customers 24/7 access to information and services. However, the security challenges can be significant.

For example, hackers have occasionally been able to exploit poor cloud security practices to harvest customer financial data such as credit card and bank account details. In some instances, they have hijacked personal data stored in social media accounts and used it to impersonate someone in the name of fraud.

IIoT Security

IT managers are often uncertain of which measures are meant to secure what data. When it comes to data protection in the cloud, where there’s doubt there’s vulnerability.

Effective security for cloud data demands a holistic approach and recognizes that not all data is vital. Organizations should divide their data into different categories. For customer credit card information that is identified as highly sensitive, multiple layers of protection with the highest levels of monitoring and control should be enforced. The same holds true for all other business-critical data.

One of the most effective ways to protect data in motion is with encrypted tunnels using a Virtual Private Network

Judging from the number of cloud data breaches in the news, corporate IT departments have more to do to protect data as it flows dynamically between cloud applications, mobile devices, IIoT and corporate databases.

A variety of cybersecurity measures are needed from robust data policies to ensure IIoT devices have security built-in, from multi-factor authentication to strong encryption. Interfaces and APIs are a vital part of managing, orchestrating and monitoring cloud services.

VPN Management

One of the most effective ways to protect data in motion is with encrypted tunnels using a Virtual Private Network (VPN).

Not only does VPN software integrate easily with existing corporate systems, it also secures data traffic at device-level. This ensures information stays encrypted and private as it passes between cloud applications and the IIoT and mobile devices that access them.

VPNs provide protection for interfaces and APIs, as well as secure authentication. For further convenience of device configuration, software distribution and scalability can be managed remotely through centralized management.

In summary, enterprise IT departments are still trying to understand the change in mindset that managing and securing data now routinely moves between multiple devices, corporate databases and the cloud.

Classifying different types of data and treating them differently is a useful start. IT departments should enforce protection, authentication and security for all connection points using a VPN. VPN software creates encrypted tunnels for sensitive data to flow between the organization and multiple destinations to the cloud and back.

This greatly reduces an organization’s overall risk exposure for data passing through the virtual world of the cloud.