Simplify Operations and Compliance in the Cloud by Protecting Sensitive Data


Archived Published: 02 June 2015 ID: G00275235

Analyst(s):

Purchase this Document

Price: $195.00 USD (PAGES: 7)

To purchase this document, you will need to register or sign in above.

Summary

Public clouds offer attractive fast implementation and lower operational costs, but some security best practices must be employed when processing sensitive data. CIOs and CISOs must also understand the limitations of using encryption or tokenization in the cloud before proceeding.

Table of Contents

  • Introduction
  • Analysis
    • Simplify Audits When Using Cloud Services by Implementing Encryption or Tokenization to Control Access to Sensitive Data
    • Develop a Data Security Governance Strategy to Address Data Residency and Compliance Issues by Applying Encryption or Tokenization and Access Controls
    • Avoid Data Breach Notification Requirements for PII and ePHI by Protecting Data Stored in the Cloud
    • Don't Rely on the Service Provider to Delete All Copies of Data in the Cloud
    • Understand That Protecting Sensitive Data in Cloud-Based SaaS Applications May Require Trading Off Security and Functionality
    • Assess Each Encryption Solution by Following the Data to Understand When Data Appears in Clear Text, Where Keys Are Made Available and Stored, and Who Has Access to the Keys
  • Gartner Recommended Reading
© 2015 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more