Tips for Mitigating Data Breaches When Using Cloud Services

Philip Robinson
| Time 3 min read| Updated On - June 17, 2020

According to a recent report by McAfee, the average employee actively uses 36 cloud services at work, and a lot of the data that get stored using these services is sensitive (18.1%). Such data includes financial records, business plans, Social Security numbers, credit and debit card numbers, protected health information, and so on. The above figures highlight the importance of a tight cloud-security strategy. Below are some tips to help you get started:

Security Awareness Training & Policy Enforcement

According to a recent survey carried out by Oracle and KPMG, 97% of respondents said they require cloud services to be approved by the IT/security team, and as many as 82% of respondents are concerned that employees were violating those policies. With this in mind, it is crucial that organizations introduce an ongoing security awareness training program, which clearly explains the company’s security policies, and why it is important to adhere to them.

Encryption & Key Storage

It goes without saying that if you are going to store sensitive data in the cloud, it must be encrypted, both at rest and in transit. Doing so is not only a good security practice, but it is a regulatory requirement for most organizations. When storing encrypted data on the cloud, organizations must have control over their encryption keys. While most cloud service providers provide a number of easy-to-use solutions for encrypting data, it is still not advisable to store these keys in the same place as where the encrypted data resides.

Auditing & Reporting

Naturally, it is a good idea to audit and report on important changes to any sensitive data we store on the cloud. According to the above survey by Oracle and KPMG, 38% of respondents said they face issues detecting and reacting to threats in the cloud. While most popular cloud-service providers will provide some form of native auditing capabilities, they typically have limited functionality when compared to sophisticated DCAP (Data-Centric Audit & Protection) solutions. Not only that, but many companies use multiple cloud-services, which makes monitoring and correlating events more complicated.

Cloud Auditing Solutions such as Lepide Data Security Platform, are able to aggregate log data from multiple sources, such as AWS, Dropbox, Office365, and OneDrive, and display a summary of events via a single intuitive dashboard. Not only that but they provide real-time alerts, and a wide range of customized reports, which can be used to satisfy regulatory compliance requirements.

Passwords & Authentication

Most enterprises are still relying on the same password-based authentication methods that have been used since the dawn of multi-user systems. However, these authentications systems – even those that demand extra strong passwords – are sometimes breached. There are various encryption methods that can be used to help prevent brute-force passwords attacks, such as the use of a “salted hash”; however, it is still probably a good idea for organizations to use more advanced authentication methods when using cloud-based services, such as multi-factor authentication. As always, companies must adhere to the “principal of least privilege”, when assigning access rights, to ensure that employee’s only have access to the data they need to adequately carry out their duties.

Philip Robinson

Philip Robinson

Phil joined Lepide in 2016 after spending most of his career in B2B marketing roles for global organizations. Over the years, Phil has strived to create a brand that is consistent, fun and in keeping with what it’s like to do business with Lepide. Phil leads a large team of marketing professionals that share a common goal; to make Lepide a dominant force in the industry.

Popular Blog Posts