Simplify Operations and Compliance in the Cloud by Protecting Sensitive Data

Analyst(s): Brian Lowans
Purchase this Document
Price: $195.00 USD (PAGES: 7)
To purchase this document, you will need to register or sign in above.
Summary
Public clouds offer attractive fast implementation and lower operational costs, but some security best practices must be employed when processing sensitive data. CIOs and CISOs must also understand the limitations of using encryption or tokenization in the cloud before proceeding.
Table of Contents
-
Introduction
-
Analysis
-
Simplify Audits When Using Cloud Services by Implementing Encryption or Tokenization to Control Access to Sensitive Data
-
Develop a Data Security Governance Strategy to Address Data Residency and Compliance Issues by Applying Encryption or Tokenization and Access Controls
-
Avoid Data Breach Notification Requirements for PII and ePHI by Protecting Data Stored in the Cloud
-
Don't Rely on the Service Provider to Delete All Copies of Data in the Cloud
-
Understand That Protecting Sensitive Data in Cloud-Based SaaS Applications May Require Trading Off Security and Functionality
-
Assess Each Encryption Solution by Following the Data to Understand When Data Appears in Clear Text, Where Keys Are Made Available and Stored, and Who Has Access to the Keys
-
Simplify Audits When Using Cloud Services by Implementing Encryption or Tokenization to Control Access to Sensitive Data
-
Gartner Recommended Reading