How do you address data security in the Cloud? specifically, how confident are you that your privacy data is properly protected?

CloudSecurity & GRC
11.9k viewscircle icon2 Upvotescircle icon6 Comments
Sort by:
Director, Technology Infrastructure Operations in Transportation6 years ago

Encryption, access control, and DLP

Program Manager in Software6 years ago

Encryption and controlling access

Director Certifications in Education6 years ago

This is a good practice. 

Director of Information Security Operations in Consumer Goods6 years ago

Casb and dlp and lots of SIEM rules..

Senior Security and Compliance Auditor in Software6 years ago

Its protected decently in that we have done much to exercise existing security configuration options.  New vulnerabilities and Facebook I’m not so sure.  Internal threats at the cloud provider, as seen with the Capital One / AWS event, leave even aggressively secured environments vulnerable to those with the keys.  To ensure a company keeps running, some people, not everyone, needs to be trusted with critical access.  Even a few doctors break from their code of ethics.  If that company shuts down, then my data no longer has a steward and can be sitting on some server anywhere on Earth.  Most of that data is benign but sometimes, sometimes, it’s my old Blockbuster rental list, which I would not be able to explain away.        

1 Reply
no title6 years ago

I agree, well said

Content you might like

My organization is evaluating CCaaS for our clinical call centers. Looking discuss experiences implementing CCaaS with Epic as the EMR. Discussion Topics: experiences implementing CCaaS with Epic, levels of effort, Lessons Learned, ROI, ROE, etc. Would appreciate any feedback.

When buying a SaaS solution are you considering, looking, or using enterprise marketplace, such as Microsoft or AWS marketplace to complete a transaction?

Yes59%

Not allowed33%

Start evaluating14%

Only for some softwares/products1%

View Results

The "CLOUD Act" is a U.S. law that conflicts with EU data sovereignty by allowing U.S. authorities to access data stored on U.S. company servers, even if that data is physically located in the EU or Asia. 

In this context, are the CIOs /CTOs considering alternative to SharePoint online? As the documents stored in SharePoint are directly exposed to this risk, even if MS claim to provide encryption.

Yes, active exploring alternatives57%

No, not considered as risk43%

Seeking expert / legal advice, but no rush

View Results

Seeking advice on integrating embedded AI agents into Workday/SAP/etc. How do you handle integration across HRIS, ATS, and LMS? Do you rely on vendor-native tools or build your own in-house registries?

I am looking for an end point DLP solution for our cloud pc (Windows 365) environment. Any recommendations would be greatly appreciated. Our current solution is not scalable for the cloud environment.

Read More Comments