Data loss prevention for cloud II: How it works in 5 industries
By Carol Ko 22-Dec-2011
Contrary to popular belief, the "vulnerable points" in a cloud computing environment may not be so much in the cloud itself, but the mobile devices and end points that are used to access data anywhere and anytime through the public insecure network infrastructure, according to Websense’s Technical Manager William Tam (pictured).
In this second part of the interview with Asia Cloud Forum (read Part I here), Tam suggests the possible unique vulnerable points of data loss in different industries if cloud computing applications or platforms were adopted, the potential risks they can create, and how the use of data loss prevention (DLP) systems can help mitigate the effects of data loss/leakage.
Higher education
Asia Cloud Forum: What are the common uses of cloud apps/platforms in higher education?
"Sensitive data including student personal records, staff records and exam papers, which can now reside in the cloud, are accessible from anywhere, including public computers and home computers."
-- William Tam, technical manager, Websense APAC |
William Tam: Cloud apps like GoogleDoc, Gmail and Office 365 are commonly used in higher education environments to reduce the investment cost in infrastructure as well as license in productivity software use.
Social networking tools like Facebook and consumer-based cloud apps like iCloud, SkyDrive or YouSendIt are also commonly used by students and staff members for information sharing and social networking.
What are the vulnerable points of data loss in these cloud apps?
Tam: Sensitive data including student personal records, staff records and exam papers, which can now reside in the cloud, are accessible from anywhere, including public computers and home computers.
What are the possible risks?
Tam: Whoever has access to these sensitive data in the cloud from any unprotected computer would either be captured by malware running, or they may simply leave behind cached copies of these data.
How may DLP systems help prevent data loss?
Tam: A DLP system can mitigate such risks by first monitoring and preventing sensitive data from being uploaded to the cloud. At the same time, by using cloud-based Web and email security services (an example of Software-as-a-Service) with DLP integrated, one can prevent sensitive data from being downloaded to untrusted locations.
Government
What are the common uses of cloud apps/platforms in government agencies?
Tam: We have yet to see major adoption of cloud apps/platforms within the government sector. However, it is rather common to see government employees using consumer-based cloud apps/platforms for business purposes, such as file sharing and public calendar.
What are the vulnerable points of data loss?
Tam: The vulnerable points start from the use of cloud apps/platforms without proper approval and security assessment. And sensitive data can be shared through these services unintentionally or intentionally.
What are the possible risks?
Tam: Sensitive data can end up in the wrong hands unintentionally.
How may DLP systems help prevent data loss?
Tam: DLP can help government agencies identify the data that should be classified as sensitive. It can then monitor all possible outbound channels to prevent classified data from being uploaded to any consumer-based or non-approved cloud app/platform, intentionally or unintentionally.
Banking and finance
What are the common uses of cloud apps/platforms in the FSI sector?
Tam: We have yet to see major adoption of cloud apps/platforms within the FSI sector. However, we have seen banks that work with business partners have made extensive use of cloud apps/platforms. For example, we have seen bank employees who are given Salesforce.com login IDs from their business partners to access specific data for the purpose of clearance and business transactions.
Digg
Print0 reader's comment
- 3801 reads
MOST VIEWED IN PAST 30 DAYS
SEARCH BY KEYWORD
Strategy
Infrastructure
Outsourcing
Cloud Management
Data Management
Security & Compliance
E-NEWS SUBSCRIPTION
Select the newsletter(s) to which you want to subscribe or unsubscribe.
Comments
Post new comment