Use and implementation of Cloud in business
At ADP, cloud computing and cloud enablement services are the cornerstone of our global delivery capabilities for the hundreds of human capital management, automotive management, and health and wellness services we deliver to millions of consumers around the globe. At an operational level, the integrated aspects of a flexible and scalable computing environment that delivers platform availability, advance data use management, and enhance client access is a business imperative. In other words, cloud computing is a core tenant in our ability to expand market opportunities and enable innovation into our product and delivery capabilities.
While advancements in cloud computing technology and ecosystem integration provides new challenges for platform protection, core aspects and tenants of tried and true information security frameworks still well apply. The appropriate application of AAA is core to the success of any technical Deployment. Authentication and authorization at all parts of the stack are vitally important to ensuring the right level of access to the right people at the right time. A holistic view of your environment is imperative to have and the only way to ensure that occurs is through the use of significant auditing and logging capability. Integrated threat monitoring programs demand access to not just only security events on a platform but all business processes application information and even transactional information to create a holistic picture of your environment.
Promising advancements in the area of security intelligence and controls assurance integration have enabled organizations to re-utilize existing implementations of security technologies into their cloud programs. For instance, the use of big data platforms in security intelligence allows organizations to integrate external information from thei cloud providers into their overall business technology monitoring platform. This allows for a clear and total understanding of your entire operations platforms with their cloud-based or not. Additionally the use of governance risk and compliance platforms that allow for the collection and measurement of controls information within your external cloud instantiation enables the reuse of existing resources to manage risks and compliance assurance in these new diverse platforms.
We are seeing an incredible opportunity in the future of cloud-based services and protection offerings including the development of integrated threat ecosystems that enable businesses to pass threat information, response information, and security intelligence data between their companies in a safe and effective manner. Additionally, smart startups are creating new mechanisms that allow for bidirectional controls instantiation and assurance directly into cloud platforms through new dynamic virtualized models that create elasticity in a protected manner of your enterprise environment.
Building an effective DLP program
Although data leakage prevention has been around for many years I believe it has still not reached a level of operational maturity that it is capable of. DLP as an independent toolset has its basic utilities however; the real value is in DLP’s effective use as a multiuse tool set.
The primary failure of most deployments is typically in the single tier use of DLP as an edge technology. Most DLP technologies today enable a multitiered implementation that looks at data in transit through your edge data in transit through your environment data in use at the desktop level and data at rest within the storage platform. Through the integrated use of the data protection ecosystem, DLP becomes a force multiplier by enabling concepts such as critical data discovery, critical asset movement, and automated rules instantiation through integration with technologies such as unstructured data protection and information lifecycle management tools.
Further use in a converged security model expands the operational efficiencies of your organization. Specifically, the use of data leakage prevention in workforce protection and like convergence services enables the early identification of problematic human behavior through early identification.
DLP’s operational value can be leveraged to protect the businesses data, intellectual property, and people. However if not thoughtfully introduced into the environment, and if effective workflow for incident identification, investigation, and remediation are not part of the overall deployment, DLP becomes just another tool that alerts in a pile of not reviewed information.