This is the second installment of the From Arthur’s Desk series discussing such topics as data loss prevention, discovery and metrics and more.
As enterprises move data to the cloud and collaborate using Google Apps, the on-premise commitment to prove regulatory compliance or follow internal data governance procedures doesn’t change. In fact, it grows, since customers and the public are suspicious of the cloud. Whether justified or not, the burden is on the company using the cloud to show the data of their stakeholders is used according to policy.
For the CIO, the moving target of compliance and governance is almost like a perfect storm:
- they’re moving to the cloud;
- there are concerns about the cloud; and
- the regulatory environment, based on non-cloud models, is changing too slowly or too fast for guidance.
The question is: How do you answer the changing security needs of the enterprise?
In this new reality, IT’s traditional role changes from blocking and preventing to enabling and leveraging the architecture and native security advantages of the cloud. CloudLock allows security conscientious organizations to extend their security practices to the cloud, fostering collaboration instead of limiting it.
Responsiveness to the regulatory landscape and the principle of continuous improvement drive world class security teams to refine their systems and processes. By keeping the infrastructure and infrastructure security model stable, Google takes away the burden of securing the infrastructure from organizations, allowing them to invest in pragmatic technologies and processes that truly assure compliance and protect their data, from a risk-management perspective, and support the business.
To support the changing needs of enterprise security teams, CloudLock continues to innovate, implementing sophisticated technologies for more automation and simplification of processes. In addition, CloudLock provides the technical means for implementing large numbers of business and compliance-oriented policies across the discover > classify > remediate continuum. The output of this is a stronger compliance profile, useful feedback and guidance to users, and meaningful analytics to guide strategy and manage risk.
CloudLock is the only enterprise data protection application for Google Drive. To implement data governance and compliance initiatives in Google Docs, enterprises need the ability to answer:
- What sensitive data do I have?
- Who has access to that data?
- Does that access represent a risk or violate a policy?
CloudLock enables enterprises to leverage the cloud, gaining visibility into the users and data in the domain and taking action to remediate when behavior rises to the level of risk or non-compliance. It allows enterprises to spend proportionally less time on commodity activities, and more time on the value-added activities of data protection, compliance and governance, as well as on supporting and enabling the business. The output is the confidence of stakeholders, from executives and customers to auditors and regulators, in the integrity and effectiveness of the data protection model in the cloud.
Read more from CloudLock: Google Docs Compliance and Regulations