3 Steps to Securing Data in the Cloud

In a recent blog post, I shared the reasons why you can’t secure data in the cloud with old school technology. So what do you do when your organization’s data leaves your network and moves to the cloud?

To maintain control of your data and achieve compliance, follow these three steps for securing data in any cloud environment:

STEP 1 – Control Access to Cloud-based Applications

Like many businesses, your company likely wants to take advantage of cloud-based SaaS applications, such as SalesForce, Microsoft Office 365, and Amazon Web Services, to support employee mobility and easily scale to meet business needs.

But, you can’t risk exposing sensitive company data to unauthorized users.

Strong multi-factor authentication ensures only approved users can access the company’s cloud-based applications.

CLOUD AUTHENTICATION STAT TO CONSIDER

Only 54% of organizations use multi-factor authentication to secure employee and third-party access to applications and data in the cloud. This means they are still relying on static user names and passwords to control access.*

STEP 2 – Encrypt Sensitive Data Wherever It Goes

Your company is probably finding more value in data than ever before. However, as more of it is produced, processed, and stored in the cloud, it also becomes a prime target for attack.

Encryption is a critical last line of defense because it applies protection and access controls directly to the data wherever it resides or as it moves across the company’s cloud, hybrid, virtual, and on-premises environments.

CLOUD ENCRYPTION STAT TO CONSIDER

For SaaS, the most popular type of cloud-based service, only 34% of IT pros say their organization encrypts or tokenizes sensitive or confidential data directly within cloud-based applications.*

STEP 3 – Own, Manage, and Secure Encryption Keys

With your company’s sensitive data encrypted, your team needs a new way to manage and securely store the encryption keys used to protect your data across cloud, hybrid, and on-premises environments.

You also want to ensure that the ownership of these keys stays with you, not a cloud provider or any third party vendor. With enterprise key management, you can centrally manage your keys and data in the cloud.

A tamper-resistant hardware security module provides an additional layer of security for key storage and cryptographic operations.

CLOUD KEY MANAGEMENT STAT TO CONSIDER

Only 55% of organizations say they control their keys when data is encrypted in the cloud.*

Ready to take control of your data and maintain compliance in any cloud environment? Download our eBook, Your Data. Their Cloud. 3 Steps to Securing Data in Any Cloud Environment, to find out how to get started.

* Stats cited are from The 2016 Cloud Data Security Study released by the Ponemon Institute and Gemalto in July 2016.