Recent headlines emphasize the importance of securing our most private information assets. Most enterprises aren’t in the business of protecting revealing photographs, but they do face challenges in following their users into the cloud while maintaining security in the process.
Complementing the security of a cloud application itself through best practices is a start, whether we’re talking about personal or corporate SaaS accounts.
Here are four lessons to learn from the recent iCloud data breach that the savviest organizations have already mastered:
1. User Awareness is Key. The average user of cloud applications – celebrity, corporate citizen, or civilian – lacks IT or security expertise and does not care about it until something sensitive to them is exposed. For users, knowing what constitutes sensitive information and related best practices is vital.
Prompt users to ask themselves: does this data belong in the cloud in the first place? If so, is it something that should be created or posted using my corporate credentials or personal credentials? Make sure users understand how their file sharing and other SaaS app behavior may introduce risk to the data they care most about – and how they can control sharing permissions.
2. Unexpected Access. Many of the cloud platforms offer and encourage connection with other apps. Depending on the access permissions, this could introduce a tunnel into your data. Ask yourself: do I have control over this data flow?
If the 3rd party app were to be compromised, a hacker would be able to leverage the permissions of the app to execute a wide range of malicious activities, including data exfiltration.
Evaluate each app enabled in your domain by asking: 1) Does the app enhance user productivity? and 2) What information does the app have access to, and could any of it be sensitive?
3. Know Where Your Sensitive Data Is. Just as leaked photos are damaging to individuals, a business data breach can shake an entire organization to the core – and can lead to equally negative press. There is no shortage of examples, ranging from the highly publicized Target breach to the recent Home Depot incident. To avoid a similar fate, establish policies to keep your cloud-available data under control and govern accordingly.
Understand who is using SaaS applications, what sensitive data is stored in the cloud and with whom it is shared, and what 3rd party apps are enabled.
4. Secure Your Most Private Assets With an Extra Layer of Protection. The reality is that you can only do so much to prevent a breach – it’s happened to some of the BEST organizations out there. Increase your level of protection and encrypt the absolute most precious data assets that you have.
File-level encryption in the cloud will prevent malicious parties from accessing your most sensitive data – whether it’s PCI data, intellectual property, or other information you want to keep from prying eyes. Employing encryption selectively helps protect your most sensitive data in the event of account compromise – whether due to user error, a phishing attack, a weak security scheme on the cloud provider’s side, or a security bug.