Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Cloud Security Authors: Ravi Rajamiyer, Liz McMillan, Elizabeth White, Shelly Palmer, Shelley Perry

Related Topics: Cloud Computing, Cloud Security Journal , Storage Journal

Blog Post

File Governance Policies and Features By @JimLiddle | @CloudExpo [#Cloud]

It seems that not a week goes by without another high profile data breach or revelation about lax security

Five File Governance Policies and Features Companies Must Have

It seems that not a week goes by without another high profile data breach or revelation about lax security, both on premise and on-Cloud.  Given this companies should, at a bare minimum, consider implementing the following 5 file governance policies in place in their company to aid with file security:

1. Secure Identity Management: Ensure that an Identity Management policy is in-place, is clear, and if one exists that it is validated and checked regularly.

Check whether services and applications can take advantage of existing Identity Management to enable a Single-Sign-On (SSO) rather than promoting Identity Management Sprawl.

2. Understand Access Control Perimeters: Over time User Access Control to files / folders / systems can change.

Ensure there is a policy in place to regularly check these and ensure guest user access is regularly monitored as part of this policy. Guest access in many companies can prove to be huge security hole.

3. BYOD / BYOC: The curse of data assets finding there way onto users consumer clouds should be controlled. Consider adding a section to an employment letter outlining the policy and actions taken if breached.

If consumer type services such as DropBox have ended up being used in house ensure that user access to folders is checked as it is all too easy for users to continue to get access to company data when they are, for example,contractors that have since left the company.

4. Links for file sharing: Promote the user of trackable links for file sharing. Services such as Storage Made Easy can be used to provide audible trackable links for files irrespective of where they are actually stored. If links are used they can be password protected or time expired for additional file security.

5. Understand data boundaries for what is stored Cloud: Understanding or promoting boundaries between the types of content that is sensitive and that should remain in-house and what can be used on Cloud is sensible but can prove hard to implement.

Consider encrypting all data that is stored on Cloud Services with the private key stored securely behind the company firewall.

A company's data is it's core asset. It pays to protect who has access to it, what type of access they have, what they do with it, and what they have done with it.

More Stories By Jim Liddle

Jim is CEO of Storage Made Easy. Jim is a regular blogger at SYS-CON.com since 2004, covering mobile, Grid, and Cloud Computing Topics.