No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

4 Steps to Secure Your Data in the Cloud

by Vibhav Agarwal
September 28, 2018
in Data Privacy, Featured
clouds beside laptop on wooden table

Managing Risk in a Shifting Regulatory Environment

Given the frequency of significant data breaches, organizations must be increasingly vigilant about data protection. Vibhav Agarwal, Director of Product Marketing at MetricStream, offers this primer on how enterprises can better secure their data in the cloud.

In today’s information age, a daunting challenge for enterprises of all sizes is determining the right approach to storing large volumes of data in a safe, cost-effective and easy-to-access manner. Deploying solutions on-premise can be complicated and put stress on budgets and infrastructure space, as the process would typically require extensive installations, configurations, updates and dedicated IT teams. Against this scenario, enterprises are pressured to transition toward the adoption of cloud computing to lower the total cost of ownership, increase time to value and achieve high performance and scalability.

It is evident that cloud computing enables enterprises to stay ahead in this digital world. However, despite many benefits, the flip side is that different types of risks can emerge if cloud computing is not implemented with the right approach. One of the main criticisms leveled against cloud computing (and SaaS) is the dependency on third parties for storing data. The other is the paucity in the availability of applications.

The four-point strategic plan detailed below can help businesses overcome these challenges.

1. Take a Risk-Based Approach to Cloud Computing

When it comes to cloud computing, the number one concern for companies is inadequate understanding of data. Prior to moving forward with any cloud computing adoption, enterprises need to understand the type of data moved to the cloud. A proper data risk assessment needs to be performed to analyze what and how important the data is. Part of this approach also means classifying what the potential risks are for enterprises if their data is stolen or lost, along with employing stronger controls to prevent any disasters from occurring. Other points to consider include:

  • How to provide notifications to entities about data collected by your business
  • Whether the PII or any other sensitive data is stored according to compliance requirements
  • Who has access to sensitive data, and what are their responsibilities include

2. Select the Right Cloud Service Provider (CSP)

While transitioning to the cloud, enterprises face the major obstacle of choosing the right CSP that suits their business requirements. The first step to follow is to partner with an industry standard cloud vendor who adheres to security and privacy standards set by industry bodies. Conducting detailed research on a CSP will further ensure that the provider of your choice offers the best-in-class security controls needed to protect your business and data.

Most organizations feel they are secure if they have followed mitigation strategies, yet fail to perform constant checks to ensure compliance. Continuous evaluation is required to ensure the approach does not become obsolete. Evaluation includes:

  1. Performing a due diligence check of your CSP periodically to ensure continuous compliance
  2. Conducting a data sanity check of data stored on cloud to ensure data quality and integrity
  3. Outlining the roles and responsibilities between your enterprise and the managed CSP in case of any crisis

3. Leverage the Role of Governance, Risk and Compliance (GRC) on the Cloud

There has been a surge of new laws and regulations introduced by different governments to implement security and privacy measures for enterprises storing information in the cloud, due to the rising threat of cyber theft and a growing realization of the amount of data that can be compromised.

Developing a robust, cloud-based GRC program will enable enterprises to automate compliance by continuous control monitoring, improve visibility into organization risk exposure and achieve competitive benefits for regulatory and government controls. With a GRC framework on cloud, enterprises can achieve:

  1. Enhanced information security, compliance and risk management
  2. The highest levels of reliability and operational control
  3. Continuous transparency and confidence
  4. Proactive and risk-driven intelligence
  5. Adherence to regulatory compliance mandates

4. Monitor the Cloud Regularly

Enterprises today operate in a dynamic technological environment that requires the implementation of a wide variety of cloud applications to perform business-critical operations efficiently. It is of paramount importance to monitor these applications hosted on the cloud in real-time and on a continuous basis. With the advent of new and improved technologies, enterprises need a centralized platform to provide a comprehensive view of the health, performance and stability of their IT applications hosted on the cloud. In an age where a few minutes of downtime can translate into a revenue loss of hundreds of thousands of dollars, employing a real-time monitoring strategy ensures interruption-free data flow for maximum productivity.

With data breaches on the rise, businesses need to control where and how data is stored, shared and accessed. A risk-based approach to the cloud – and the use of a robust GRC program alongside it – can be effective in combating the barrage of constantly changing regulations leveled at businesses today.


Tags: Cloud CompliancePersonally Identifiable Information (PII)Risk Assessment
Previous Post

Managing the Effects of Short-Termism on Risk Management

Next Post

Procurement and Compliance Getting Closer than Ever

Vibhav Agarwal

Vibhav Agarwal

Vibhav Agarwal is Director of Product Marketing at MetricStream, where he is responsible for MetricStream’s overall product marketing efforts across all GRC domains. Vibhav brings over 13 years of progressive experience in enterprise product marketing, product management and implementation to MetricStream. Having worked across multinational corporations and mid-sized companies and traveled extensively, Vibhav has gained exposure to North American, European and Middle Eastern markets and has led multimillion-dollar deal pursuits, product selection processes and product implementations.

Related Posts

ai policy

Planning Your AI Policy? Start Here.

by Bradford J. Kelley, Mike Skidgel and Alice Wang
May 7, 2025

Effective AI governance begins with clear policies that establish boundaries for workplace use. Bradford J. Kelley, Mike Skidgel and Alice...

business relationship concept hands

Relationship (Owner) Goals: Why Half Your TPRM Red Flags Stay Hidden

by Chris Audet
April 9, 2025

The front-line staff who manage vendor relationships are uniquely positioned to spot problems before they escalate, yet many organizations fail...

cute robot looking at financial volumes

AI’s Dual Role in FinServ Risk Management

by Nalini Priya Uppari
March 28, 2025

As technology evolves, so do the tools that help banks and investment firms maintain stability amid uncertainty

mineral mining operation

Why Critical Minerals Demand a Compliance Revolution

by Rebeca Vergara Gaona
February 11, 2025

Corporate compliance lessons could help strengthen intergovernmental mineral agreements before problems arise

Next Post
four businessmen linking arms

Procurement and Compliance Getting Closer than Ever

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights