How do you address data security in the Cloud? specifically, how confident are you that your privacy data is properly protected?

CloudSecurity & GRC
11.8k views3 Upvotes7 Comments
Senior Security and Compliance Auditor in Software, 1,001 - 5,000 employees
Its protected decently in that we have done much to exercise existing security configuration options.  New vulnerabilities and Facebook I’m not so sure.  Internal threats at the cloud provider, as seen with the Capital One / AWS event, leave even aggressively secured environments vulnerable to those with the keys.  To ensure a company keeps running, some people, not everyone, needs to be trusted with critical access.  Even a few doctors break from their code of ethics.  If that company shuts down, then my data no longer has a steward and can be sitting on some server anywhere on Earth.  Most of that data is benign but sometimes, sometimes, it’s my old Blockbuster rental list, which I would not be able to explain away.        
1 Reply
Assistant Director IT Auditor in Education, 10,001+ employees

I agree, well said

Director of Information Security Operations in Consumer Goods, 1,001 - 5,000 employees
Casb and dlp and lots of SIEM rules..
CIO in Software, Self-employed
I'm confident because we isolate user's data as much as we can
Assistant Director IT Auditor in Education, 10,001+ employees
This is a good practice. 
Program Manager in Software, 10,001+ employees
Encryption and controlling access
Director, Technology Infrastructure Operations in Transportation, 5,001 - 10,000 employees
Encryption, access control, and DLP

Content you might like

What is your organization's primary development platform?

DevOpsApplications & PlatformsCloud

On-premises28%

Private Cloud39%

Public Cloud40%

Hybrid Cloud29%


418 PARTICIPANTS
1.7k views

If you use an air-gapped backup solution, would you say there are drawbacks?

CloudGovernance, Risk & ComplianceSecurity & GRC+13 more

Slow recovery response times34%

Data availability is limited49%

Too expensive to scale effectively53%

Difficult to manage for widespread use37%

Prone to misconfiguration12%

No - There are no drawbacks7%


568 PARTICIPANTS
1.8k views3 Upvotes

What are your suggestions for tools that integrate Apple devices into the enterprise Single Sign On (SSO)?

InfrastructureSecurity & GRCManagement Tools
69 views

Has anyone identified a good management tool that can provide insights to the backend configuration (Cloud) of multiple EDR tools and optimize the solution across multiple providers (like Trend, Microsoft Defender, Crowdstrike)?

Security & GRCStrategy & ArchitectureInfrastructure+1 more
Read More Comments
1k views1 Upvote2 Comments

Did anyone else catch this stat on Crunchbase: "M&A deal-making in the cybersecurity space continues to slow with only 13 deals announced for VC-backed startups in the first quarter of the year"  Do you think the decrease in cybersecurity M&A is going to impact innovation or could it lead to consolidation in terms of vendor offerings (that is perhaps a needed change)?

Security Strategy & RoadmapSecurity & GRCInnovation
Read More Comments
1.2k views1 Upvote4 Comments