Cloud applications are a priority for every business – the technology is flexible, easy-to-use, and offers compelling economic benefits to the enterprise. The challenge is that cloud applications increase the potential for corporate data to leak, raising compliance and security concerns for IT. A primary security concern facing organizations moving to the cloud is how to secure and control access to data saved in cloud applications.
This white paper explores technologies that combine the flexibility of public cloud apps like Salesforce and Box, with the security and compliance of a private cloud. When deployed as part of an end-to-end data protection program, such an approach can provide the same security and assurances as can be achieved with premises-based applications.
Comprehensive Data Protection in the Cloud
In today’s business, IT may no longer own or manage the apps, the devices, or the underlying network infrastructure, yet is still responsible for securing sensitive corporate data. While cloud application vendors secure their infrastructure, the security of the data remains the responsibility of the customer using the application. A comprehensive approach to data security in cloud environments covers the full lifecycle of data in an organization—in the cloud, on the device, and at the point of access.
•In the Cloud—Most cloud apps don’t encrypt data-at-rest, and those that do encrypt manage the keys themselves. For organizations in regulated industries and/or with sensitive data stored in these apps, the ability to maintain confidentiality of corporate data remains unsolved.
•At Access—Cloud apps provide limited access control, data leakage prevention, and visibility when compared with applications hosted on premises. This makes it difficult to control who, what, where, and when employees access cloud applications.
•On the Device—Since cloud applications can be accessed from any device, anywhere, a comprehensive security solution should include protection for cloud application data on client devices such as laptops, tablets and smartphones.