Venus AUEB Forum

[...]

The great convenience of availability and motility gives rise to important concerns. Simply protecting against “who” can see or steal your data isn’t enough, companies must now also protect against where resources are located. Several regions (Canada and the European Union to name two) have enacted very strict data privacy and processing laws that forbid the collection or processing of personal information beyond their boundaries.

So how can you protect yourself from the headaches that come from unruly and nomadic information?

1)First, take a thoughtful and methodical approach to the information you store in the cloud. This should include a data lifecycle program that classifies the criticality, sensitivity and timelines of processes and information residing in the cloud. This can help companies avoid losing control of those truly important bits.

2)Next, conduct a deduplication program. Doing so will give you comfort about the number of sensitive documents in the cloud, help you destroy all necessary data when the time comes, and ultimately cut down on storage costs.

3)Most importantly, gain a thorough understanding from your cloud service provider of the level of influence you have over how your data is handled. Your SLA should clearly define the controls your CSP places around your assets. Seriously consider if you want to rely on an IaaS vendor that won’t attest to its processes, controls and procedures.

4)Lastly, when in doubt – encrypt! Standard 256-bit encryption of your storage volumes should deter the curious administrator or seasoned hacker from prying, thieving or simply poking around where they don’t belong. Encryption will also reduce the risk that repurposed storage devices could contain important information when volumes are vacated or when the associated drives are reclaimed for replacement.

Spoiler: εμφάνιση/απόκρυψη

Θα έλεγα ότι ειναι υποψήφιο και για turing βραβείο, αλλά μέχρι να βραβευθεί δεν "κάνει" :smt005