Secure your business

Where's our data? Secure steps for cloud storage

Highlights
  • It’s vital to involve HR, sales and marketing in planning cyber security strategies since they handle employee and customer data.
  • Shadow IT is the collection of programs your employees add to the network without approval from central IT.
  • To stop a data miner or ransomware compromising your entire cache, it’s important to segment your network in the cloud.

In any digital transition, your team is bound to ask exactly where the data is - like you, they'll want to know it's safe and secure.

The first part of your answer is easy: the data is in a flexible cloud where it’s easy to find, move and configure within the server. However, the next part is a little more complex: it’s in a flexible cloud, where it’s easily found, moved and configured by anyone who gains access. 

Two men watching security footage

The front line

Moving to the cloud involves planning how to secure and store your data, and it’s important that every vertical in your business is engaged. Think about all the people who can touch your data - from the HR department safeguarding your employees’ personal data, to the marketing and sales department who control the highly-regulated customer data produced by your CRM system.

Reaching out to these departments is vital when planning your security strategies to ensure they can easily integrate their data into the new setup. For external-facing departments, it’s also important to take feedback on how to streamline experiences for your customers.

 The back end

Shadow IT can be a major risk to your cloud’s security. This is the collection of programs and applications that your employees adopt and add to your network without the knowledge of central IT. Without IT approving these programs – and ensuring they’re kept up to date with security patches – they can present a hidden trap-door to your network.

To combat the problem, establish a strong policy governing which programs can (and cannot) be uploaded onto the network. This policy should be enforced with periodic network audits, and requiring programs such file sharing services, which communicate outside the network to be individually whitelisted. 

Another way to prevent hackers hopping onto your cloud is to deploy a Cloud Access Security Broker. This program acts like a bouncer: it sits between the cloud and those looking to access the it, and enforces an enterprise’s security policies on any connection.

While programs connecting to the cloud go through a security checkpoint, once they’re past that gateway they can potentially move and act unchecked. Lateral, “east/west” data flows, through cloud and virtual environments allow data to effectively bypass perimeter security defences. 

Cloud environments are particularly conducive to east/west data flows between virtualised applications and network sectors. 

To stop a data miner or ransomware potentially compromising your entire cache, it is important to segment your network (including applications and users) using virtual secure gateways in the cloud itself. This will allow your IT department to monitor how data is moving through your cloud networks and provide them with vital screening capabilities to ensure it stays where it should be. 

Find out how to keep your data safe with our Cyber Security Health Check.

Find out more

Related News

Staying connected in the field
Liberate your workforce
Liberate your workforce
Staying connected in the field

We take a look at the collaboration technologies keeping geographically dispersed workers in touch with head office. Whether they’re on a remote site or going door-to-door vis...

colleagues on an iPad
Liberate your workforce
Liberate your workforce
Tip of the iceberg: Inside mobile threat detection

An integral part of our workplace, mobiles are being overlooked as a vector for cyber threat. In its Market Guide for Mobile Threat Defense Solutions, Gartner estimates that “...

Man on mobile and laptop
Secure your business
Secure your business
Towards a whole of organisation incident response plan

Most Australian organisations have an incident response plan in place, but many security professionals face challenges engaging crucial stakeholders outside IT. The Telstra Sec...

Visibility, reliability: Future proofing Australia
Optimise your IT
Optimise your IT
Visibility, reliability: Future proofing Australia

Take a look at the changes underway in Telstra’s networks, as we bring our vision for the future to life. It’s no small feat to redesign infrastructure that connects millions o...