Nebulaworks Insight Content Card Background - Mattias russo step stone
As cloud security risks grow, Digital Guardian compiled tips from data security experts on the most common (and avoidable) issues companies face when it comes to the cloud and securing their data. To do this, they asked 27 cloud computing and data security experts to answer this question:
“What is the number one issue most companies face with cloud computing and data security, and what can they do to address the issue?” Nebulaworks Co-founder Chris Ciborowski provides his expert opinion: 27 Data Security Experts Reveal The #1 Information Security Issue Most Companies Face With Cloud Computing & Storage:
In my experience the number one issue many companies face with cloud computing is…
Understanding what “the cloud” is and how cloud computing should be utilized given unique business requirements. Until an organization understands what a cloud encompasses, in its entirety, determining the best approach is an effort in futility.
Consider the fact that today there is no standard definition of Cloud. At the most basic level we can reference two methodologies: Delivery methodologies - public, private, hybrid deployments, and Service methodologies - infrastructure, platform, or software. And each of these are not mutually exclusive.
Take for instance an company which is looking to gain agility in application deployment by utilizing Platform as a Service (PaaS). Deploy PaaS and push applications quickly, allowing developers to work towards the demands of their internal users without the overhead associated with typical application development and delivery life cycles. However, PaaS can be utilized in the public, private, and hybrid cloud. Depending on the business needs - security, data centricity, etc., one delivery methodology will be a better fit than others. So it is important to start with a clear set of definitions.
Adding to this, each technology and provider approach is usually different and these can have a massive impact as use cases are mapped to a solution. Companies can easily spin up elastic compute resources in a public cloud today if time agility is required. But if the needs of the business change at a future point - for various reasons - they could be forced to abandon the work already completed in favor of a different technology or provider. Companies want to move away from vendor lock-in, and that is what the cloud should promise. Having a clear understanding of capabilities and limitations is critical in making sure a solution deployed today is cloud agnostic.