ACI Learning Leadership Series: A C-Suite guide to protecting data on the Cloud

ACI Learning Leadership Series: A C-Suite guide to protecting data on the Cloud

Host: Wes Bryan Guest: Ben Finke, CTO and co-founder of OnDefend

Introduction:

Transitioning to the cloud is a prevalent trend as organizations move away from on-premises data protection setups. The purpose of this guide is to serve as a complementary aide to help you follow along in our recent Leadership Series webinar episode, “A C-suite guide to protecting data on the cloud.” In this webinar, edutainer Wes Bryan speaks with guest Ben Finke with a high level overview of what leadership needs to know before transitioning their business to the cloud. Have these notes ready, then watch our full interview.

1. Cloud transition considerations:

• Various types of clouds exist, with the public cloud being a common choice.
• Key benefits include accessibility, speed, and cost reduction during off-peak times.
• Organizations may reinstall existing systems or redesign them for better cloud compatibility.
• The first step is defining how the cloud will be used and secured.

2. Advantages of Cloud Deployment:

• Improved configuration and patch management through code-based management.

• Built-in disaster recovery and business continuity.

• Enhanced resiliency when following a good cloud deployment guide.

• Challenge to consider: Addressing the vast and dispersed digital footprint while protecting client information.

3. Challenges in Data Protection:

• Need for a uniform data protection strategy considering varying regulations.

• Data sovereignty laws may require a cloud provider with multiple data centers.

• Challenges in managing data when moved, emphasizing the importance of controls.

4. Disadvantages of Cloud Migration:

• Loss of control over security options due to interconnected cloud environments.

• Security professionals need to adapt to higher-level configuration management.

• Skills required for in-house defense tools may not directly translate to cloud security.

• Recommendation: Security teams must upskill into developer-like skill sets.

5. Best Practices for Client Data Protection in the Cloud:

• Embedding the security team with DevOps for real-time monitoring and decision-making.

• Integrating security practices into the architectural process during development.

• Emphasizing the importance of logging in a cloud environment and having a plan for collection, utilization, and storage of logs.

• Recognizing the need for security professionals to adapt to developer-like skill sets.

Conclusion

Moving to the cloud offers numerous advantages, but organizations must carefully consider their strategy, security implications, and data protection measures. Best practices involve embedding security in the development process, embracing comprehensive logging, and adapting security teams to the unique challenges of cloud environments.