by Angela Guess
A new article offers five steps for creating a data governance framework for cloud security. It begins, “Cloud computing is a significant technology trend that is set to dramatically change the nature of business. We have witnessed a recent spate of high-profile security attacks and data security breaches – from Amazon to Epsilon – and as worrisome as these incidents are, they are not as worrisome as the reputation of cloud computing being insecure. In fact, cloud computing seems to have become a scapegoat for failed security measures. On closer examination of some larger incidents, it’s clear that many data breaches are a result of inadequate cloud security practices.”
The first step to creating a security framework s understanding the insider threat and setting policies to address it: “This may sound trite but it is the first step for good reason; insiders pose tremendous threat not only due to malicious behavior, but to inadvertent changes that could ultimately cause significant damage or risk to an organization. According to Verizon’s 2011 Data Breach Investigations Report, 17% of data breaches in 2010 were caused by insiders. To create a powerful cloud security platform, organizations must develop strong policies that do more than just tick a compliance box. Create awareness amongst all employees about what security means, how it can affect the organization and what they can and must do.”
Read the next four steps here.
