On April 22nd, I’ll be presenting at the annual RSA Conference in the Expo Briefing Center on “Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control” (session ID CSV-W02). In this session, I’ll cover the cultural changes that organizations should adopt in order to address the complex issues surrounding data access in the cloud.
Data in the cloud is not the same as data stored in traditional on-premise data centers. While that is fundamentally easy for organizations to accept, far too many are slow to change how they assess and manage security in the cloud. They instead try to apply legacy controls that worked for traditional IT environments to the cloud – forcing a square peg into a round hole.
Things like the virtualization layer in private clouds and the management layer in public ones represent a new kind of privileged infrastructure, which leads to a new breed of privileged users, which ultimately leads to new opportunities for security failures if the correct approach isn’t taken.
I hope you’ll join me at 9:10 a.m. in Room 2014 to learn what you can and can’t control in the cloud.