2 minute read
DATA PROTECTION IN THE CLOUD: 3 BEST PRACTICES
from The Integrator
By: Rick Vanover, Senior Director of Product Strategy, Veeam
Advertisement
The “Global DataSphere” is exploding in size. IDC predicts that by 2026, the amount of data in the world will have doubled again. While most enterprises have digitised their operations, they continue to add more strategic workloads and create more data. So, as the amount of data enterprises have to deal with grows exponentially, moving to the cloud based on an elaborated strategy offers significant benefits like scalability, flexibility and cost-effective storage.
Gartner expects total worldwide end-user spending on public cloud services will reach a record $592 billion this year, a 21 per cent increase from 2022. The Cloud security alliance (CSA) reported that 96% of companies say they have insufficient security for sensitive cloud data.
Know Your Data
Before you can protect anything, you need to know who’s storing what and where. Is everyone in the business using the same accounts? To make sure this is done right, IT teams often need to play detective or go on a journey of discovery across the business. To find these threads, it is often necessary to look through finances and collect invoices for cloud costs across the organisation.
Automated data classification engines can help you sort through and organise - so you’re not blindly trying to protect everything to the nth degree. Once you know exactly what you have stored on the cloud (and where) only then can you start looking at how this data is secured.
Know Your Responsibilities
There is a big gap in awareness of the shared responsibility model on which cloud security is built on. This means they assume the provider is responsible for certain security measures when in reality it's their job. The provider is responsible for the security of the infrastructure and the physical facilities that host it. Securing applications, data and access to the environment, however, is the responsibility of the customer.
In practice, this means enterprises need to ensure they have backups of all critical and sensitive data stored in the cloud in case of breaches or outages. The best practice is to have multiple backups in different locations (e.g. one on-premises as well as a cloud copy) and have copies of data across different mediums, with at least one copy being kept offsite, offline and immutable - even better yet, all three.
The other core security responsibility that lies with the enterprise is controlling access and privileges. If every user of your cloud has access to God Mode, any breach is going to be devastating.
KEEP IT COST-EFFECTIVE
Data needs to be on the right storage platform in the cloud - and this will change during its lifecycle. For example, it might move from block resource to object storage to archive storage. The costs associated with these are variable, so make sure you’re not storing (or backing up) data in inefficient ways.
This is one small part of avoiding eventual “bill shock” for cloud computing and storage costs. Beyond simple data, costs are API costs, data egress (transfer) and more. I always recommend enterprises have an established “cloud economic model” that they follow to prevent costs from piling up and ensure spending matches expectations.
