CIO & LEADER-Issue-10-January 2018 (1)

More documents

Recommendations

Info

COLUMN By Rahul Kumar Cloud Security: A Case For Effective Encryption Having an effective encryption and key management solution is vital to the success of any security strategy I It has not yet reached epic proportions, but the number of organizations adopting cloud-based technologies is growing dramatically. Organizations of all sizes across industries are turning towards cloud-based infrastructure and cloud computing for better scalability, accessibility and a collaborative work environment. However, after moving to the cloud, many organizations mistakenly assume that it is the role of the cloud service provider (CSP) to secure data and ensure compliance. Even though the CSP may provide services for protecting data, organizations must understand the fact that virtual environments are not always fully secure and that they—organizations—too have a role in protecting the security and privacy of their data. Remember, the liability to notify those affected and remediate damages is on you should your company suffer a data breach! The author is Country Manager for India at WinMagic Knowing the levels of responsibility does matter When it comes to choosing between cloud infrastructure and cloud computing, companies must make the decision backed by a plan to implement the right security solution. The solution should effectively address issues such as securing data, managing risk related to unauthorized access, and meeting compliance and regulatory requirements. Remember, the cloud is subject to the same threats 12 CIO&LEADER | January 2018
Column With increased sophistication of threats, cloud security is becoming even more dynamic as it evolves as a data center. Whether cloud or onpremise, organizations have to deal with human error, malicious breaches from internal and external sources, as well as system glitches. The massive amounts of data located on shared cloud servers always entice criminals. Things get a lot more complicated when a multitude of mobile devices are used in organizations. With increased sophistication of threats, cloud security is becoming even more dynamic as it evolves. Organizations continue to be responsible for security, privacy and compliance even when under different cloud service models. The need for consistent policies, password rules and specialized data encryption methods has never been greater. Both the organization and the CSP have roles that vary in scope, but then both also have different levels of responsibility that encompass the entire gamut of operations—from data classification, endpoint protection, identity and access management, application and network level controls, to host and physical security. There are clear boundaries defined and responsibilities identified for organizations and CSPs. For instance, in both on-premise and cloud models, the organization is responsible for ensuring that the data is classified and encrypted in compliance with the regulatory obligations. In the case of endpoint devices, CSPs may facilitate the management of these devices by providing secure device management, mobile application management, and PC management capabilities; however, the responsibility of implementing the security solution again lies with the customer organization. Who is responsible for a breach? There is no question about who is responsible when a breach occurs. For businesses, the vital consideration in securing the infrastructure and data relates to where the CSP’s responsibility ends and the organization’s begins so that a breach does not occur in the first place. This means that while the provider is responsible for protecting the hardware, software, physical facilities and other aspects involved with running the cloud services provided, businesses maintain control over a number of key security measures. Some key security measures for January 2018 | CIO&LEADER 13
Page 1: Face Off Is CIO's vertical speciali
Page 4 and 5: A 9.9 Media Publication Face Off Is
Page 6 and 7: WHAT CIOs ARE TIRED OF HEARING... a
Page 8 and 9: Around The Tech CES 2018 SPECIAL ma
Page 10 and 11: COLUMN By Priya Dar Essential Trait
Page 12 and 13: COLUMN By Aashish Kalra How Enterpr
Page 16: Column businesses include: Network
Page 19 and 20: Cover Story L et's address the elep
Page 21 and 22: Cover Story Alok Khanna Executive D
Page 23 and 24: Cover Story Jaspreet Bindra Senior
Page 25 and 26: Cover Story Sunil Mehta Senior Vice
Page 27 and 28: Face Off SUNIL MEHTA Senior VP & Ar
Page 29 and 30: Insight EEmotion artificial intelli
Page 31 and 32: Insight The transformation in the w
Page 33 and 34: Insight VVisa have announced a surv
Page 35 and 36: Insight In 2016, cloud started domi
Page 37 and 38: Security GGlobal organizations stan
Page 40 and 41: BANKING Farm All The Way To The Ban
Page 42: Banking The ideal tech solution mus

CIO &amp; LEADER-Issue-10-January 2018 (1)

Create successful ePaper yourself

Delete template?

Save as template?

CIO & LEADER-Issue-10-January 2018 (1)