IT Trends & Technology Blog | FNTS

Best Practices for Safeguarding Enterprise Data in a Multi-Cloud Setup

Written by Don Pecha, CISO | February 1, 2019

 

Moving your enterprise data to the cloud can bring with it a number of benefits to your operational costs and the management of your information technology footprint. In fact, 83 percent of enterprise workloads will be facilitated via the cloud in 2020, according to a LogicMonitor study. However, with this growth in cloud services can come substantial risk.

Fortunately, by following some key best practices, such as those laid out in this article, you can help your organization take the necessary steps to strengthen your data security and mitigate the potential vulnerabilities of operating in the cloud.

Create a Data Inventory

Every day, organizations generate volumes of new financial, customer, and operational data. Data secured on premises can be monitored directly by your own IT administrators and security professionals; having a cloud services provider serving as the custodian of your data means you need to have a strong grasp of what types of data are stored and what controls are in place to secure each dataset.

Create a data inventory to help identify where primary and backup data is stored, the frequency of back-ups, file types, file locations, and access controls, as needed. This will allow your organization to not only monitor where your data is, but prove it to compliance regulators, partners, and customers upon request.

Back Up Data Regularly

Regardless of whether your data is in a public or private cloud or which provider you use, understand that data recoverability is still a joint responsibility between your organization and your cloud services provider. To that end, and as part of both your business continuity and data security policies, use your data inventory to identify how often to back up your data—critical data should be backed up more frequently, for example—and where those backups should be located to provide geographic diversity. Also consider the trade-offs between full, incremental, and differential backups to meet your data accessibility needs.

Whatever your plan, make sure your cloud service provider understands your business and your regulatory requirements, and do not hesitate to ask to see their data centers or policies yourself to make sure they align with your needs. Finally, at predetermined frequencies, conduct planned failovers to backed-up data to ensure that your data is available before a real situation strikes.

Choose a Partner with a Good Reputation and Solid Security Standards

Just like your own organization, your cloud services provider needs to have sound management and solid security practices baked into their culture. As you would with any business you decide to partner with, work to understand their reputation in the industry and the soundness of their financial position so you can trust they will be ready to be the long-term partner you need. While you are at it, ask for confirmation about their data center availability, how customers can escalate issues for resolution, and how customers can get the answers they need when they need them.

Taking the time to understand their governance model, customer philosophy, and financial standing can help you to rest easy knowing your data is in good hands.

Use File-Level Encryption

Once a must-have only for businesses in healthcare or financial services, file-level encryption now can form the backbone of your security posture before your data is uploaded to the cloud.

Cloud providers often offer encryption of the data they host. However, as the owner or custodian of your business’ data, it’s up to you to select the level and type of encryption that meets your needs and compliance regulations before it moves to the cloud.

Secure Devices That Can Access the Cloud

It is important to ensure that the devices and users that can access the cloud resources have advanced security controls in place to protect the confidentiality, integrity, and availability of the data. At the user level, identifying specific, role-based user access controls as well as geographic and even time-based limits can help to ensure data is only accessible to those in roles that need it.

This can be paired with strong password requirements that also extend to mobile devices, applications, USB drives, and other removable media, as well as remote access tools and VPNs that can access the cloud services.

Incorporating risk-based, business-driven solutions that enforce MFA, enforce least privilege and incorporate identity into decisions made before granting access to users can help organization manage their cloud deployments.  Where possible, look to automate by leveraging API’s or investigate how an Integration-as-a-Service platform can simplify API security and management.

Taking the Next Step

Moving your enterprise data to the cloud has the potential to be one of the best business decisions for your organization, but it isn’t one to be taken lightly. Taking the time to understand its implications for your data’s security, availability, and integrity should be a top priority, along with selecting a partner that has a customer-centric focus. FNTS can easily check both of these boxes with their certified and fully redundant data center, which offers 99.99 percent availability, and their experienced, hardworking staff. To learn more about FNTS and cloud storage options, visit the website here.