This blog was written by Ben Cody.
If anything has been proven in recent years, it’s that you don’t have to worry about a data breach happening, you have to count on it. The latest incident involving cloud storage vendor Dropbox casts an onerous spotlight on several issues facing enterprise security experts. Beyond the corporate password issue, the real question is what’s going to happen to all that data just waiting to be expunged?
We’re All in This Together
First things first, the Dropbox security team is in good company. Security pros face an average of six breaches over the course of their careers—with more than 60% of those breaches requiring public disclosure. And in a stat that’s telling for our times, a full 30% of data theft occurs in cloud infrastructures.* Logic dictates that as cloud services continue to increase in popularity, those numbers will increase, too. That is, until security vendors and organizations put the hammer down and start protecting data wherever it lives.
Cloud Security is the 800 Pound Gorilla
Your employees are increasingly using cloud services (Dropbox, Office 365, Google Apps, and the like) to improve productivity and to collaborate more efficiently with co-workers, partners, and contractors. Problem is, IT and security administrators currently have little to no visibility into how these services are being used, who’s using them, and most importantly—what data is being uploaded and stored in them. Cloud service companies understand the risks, and generally put all the onus on the customer to protect their own data. So what’s a security-minded organization to do?
We All Need Cloud Visibility and Threat Protection
It all comes down to safely enabling the sharing and use of sensitive data in a way that doesn’t interrupt the flow of business. In a perfect world, data stored across multiple endpoint devices and cloud services needs to be discovered and categorized according to sensitivity and accessibility, and then encrypted, moved, or deleted according to policy. When it’s done right, even if your credentials are stolen, encryption makes the stolen data useless.
Right now, there are several security vendors looking to make inroads into the cloud security space—with varying degrees of success. Historically speaking, bolting on threat intelligence, data security, and encryption solutions has only created silos that make unified, enterprise-wide security a challenging prospect.
Shore-Up Cloud Security with These Best Practices
As you explore ways to better secure your enterprise data—regardless of format or where it lives—keep in mind the following:
- Data should be categorized according to sensitivity and accessibility, and then encrypted, moved, or deleted according to policy.
- Data should be blocked from unauthorized users, while authorized users should be able to use cloud services to do their job.
- Administrators should have a central point of management where they can observe all data and push security policies across all cloud services.
*2015 Grand Theft Data Report