Spring cleaning your cloud security strategy
Author: Corey Markell
Next week, the TITUS team will participate in Google Cloud Next ‘19 in San Francisco. Through our work with customers worldwide who use our TITUS Classification Suite, we continue to hear more about the challenges and unique requirements of organizations leveraging cloud solutions, including those offered by Google.
In a recent TITUS blog post, Senior Marketing Manager James Phillips captured some of these challenges. He pointed out that for years, the cloud security conversation focused only on one thing: access. “The idea was that if the business controlled who had access to a particular cloud service (be it public or private), then the information contained therein would be secured. However,” James wrote, “high-profile data breaches continue apace.”
James’ commentary captures the hard truth – bad actors continue to develop and execute sophisticated strategies to overcome access controls. Despite the increase in funds allocated every year to battling data breaches, the number of breaches continues to rise. Clearly, this approach is no longer effective.
It is no longer enough for companies to take a reactive position when it comes to cloud security. Continually re-examining cloud strategy enables companies to ensure they’re properly aligned with their current reality, which is unique to each company. The first step of that examination must include a hard look at data.
It all comes back to data
You’ve read it everywhere – data is the ‘new oil’ and one of an organization’s most valuable assets. So it shouldn’t come as a surprise that the first and most critical step to considering cloud security is to consider what data lives in the cloud. Moreover, if there is data in the cloud, where does it exist and how is it protected? Is this sensitive data (i.e. proprietary data, customer information, etc.)?
When we talk about data, there are two major categories: structured and unstructured. Structured data typically resides in a fixed field within a record or file and includes data contained in relational databases and spreadsheets. Because of the way it is organized, it can be easily entered, stored, queried and analyzed.
But this isn’t the data that causes the highest amount of concern. Unstructured data – that which resides in email messages and documents created at every level of an organization – is often difficult to find and track as well as difficult to categorize. It’s details in the notes of a PowerPoint slide that’s shared around a team, it’s HR paperwork, and on and on. That type of data is not easy to simply pluck out and protect. As you can imagine, this data can be highly sensitive, yet it often moves between cloud and on-premises solutions and between users (both internal and external).
It’s easy to see why it becomes so critical for organizations to understand the sensitivity of their unstructured data, which is usually something best identified by the person who created the document, email or file. Addressing this challenge is a critical reason why many organizations deploy our data classification solution for G Suite, which enables users to easily add context to information while they’re working across Gmail, Google Docs, Sheets, Calendar and Slides, adding robust security measures to protect regulated and corporate confidential data they create and share. But that’s only the first step…
Cloud security revamp
Once an organization understands what data they have and what truly needs to reside in the cloud, TITUS recommends that cloud security initiatives take a three-pronged approach:
- Deploy cloud access security broker (CASB) technologies to control or block public cloud access and to enable a private cloud with appropriate access rights.
- Lean on encryption technologies to protect data as it moves to and from the cloud, between clouds, and also as it is sent in email to external contacts
- Look to intelligent identity and categorization tools that make use of machine learning to identify data as it is created, used and stored, and to help refine its sensitivity level through context setting and customization
All of these elements work together to provide an end-to-end strategy to protect an organization’s most sensitive data. It’s also the reason TITUS engages with strategic technology partners, to create an open ecosystem of best-in-class security companies that complement TITUS core capabilities. This gives customers freedom of choice to leverage their preferred security providers along with TITUS to build robust data security that fits their unique business needs for data protection.
How to learn more
I encourage you to visit our team next week at Google’s Cloud Next show April 9-11, where undoubtedly cloud security will be a hot topic. I invite you to stop by Booth S1821 to talk to our experts about how you can develop a proactive approach to cloud security founded on identifying and understanding your organization’s most critical data.
Interested in our G Suite solution? Download the data sheet here.