AST Digital Magazine August 2017 Digital-Aug | Page 47

Volume 15
August 2017 Edition
For example , if the IT department discovers a cloud service that ’ s being used within a single department , but has potential to increase productivity of the company as a whole , then they could sanction the service and push it out to all employees .
2 . Complying with Internal Policies and External Regulations Cloud remains a very dynamic environment .
As a result , enterprises need to alter their practices the comply with internal and external regulations such as HIPAA-HITECH , PCI-DSS , EU- GDPR , etc .
Data loss prevention ( DLP ) was a practical tool for staying compliant with internal and external policies in the past .
However , now that more data is being stored in the cloud , DLP requires a new strategy .
The following practices can help in transitioning on-premises DLP to also include DLP for the cloud :
• Understand the type of data being uploaded to the cloud
• Prohibit sharing data with unauthorized third parties
• Prevent high value data uploads to the cloud
• Inventory existing policies and figure out how to adjust them for the cloud
• Find out which users have access to sensitive information , and which third party partners have access to that data
• There should be a single set of comprehensive DLP rules that apply to all cloud services in use
3 . Detecting Anomalous Events in the Cloud to Prevent Threats Cloud usage generates billions of events every day . Most of these events are a result of normal user activity within a cloud application .
However , a small fraction of these events deviate from what should be considered normal , and sometimes could be indicative of a threat .
For example , if a user logs into Salesforce several times , with no success , it may just mean that the user has forgotten her password .
While it may be an anomalous event , by itself it ’ s not indicative of a threat .
However , if the same user ’ s email is used to generate several failed login attempts at accessing Office 365 and then Dropbox during the same time period , correlating the events would reveal a threat from a hacker attempting to gain access to the cloud services .
Cloud threat prevention requires machine learning to correlate disparate events to minimize false positives / negatives and flag those events that are actual threats . Machine learning combined with user behavior analytics ( UBA ) can be an effective tool for organizations , as it can comb through billions of events every day .
4 . Data Security Although data security has broad application within cloud security , two common forms of data security are encryption and tokenization .
Encryption is an effective security measure , as long as the decryption keys aren ’ t lost or compromised . When using encryption , it is important to remember that the customer should be the only one with access to the decryption keys .
Many cloud service providers ( CSP ) that provide native encryption also retain access to the decryption keys .