No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Data Privacy

4 Steps to Secure Your Data in the Cloud

by Vibhav Agarwal
September 28, 2018
in Data Privacy, Featured
clouds beside laptop on wooden table

Managing Risk in a Shifting Regulatory Environment

Given the frequency of significant data breaches, organizations must be increasingly vigilant about data protection. Vibhav Agarwal, Director of Product Marketing at MetricStream, offers this primer on how enterprises can better secure their data in the cloud.

In today’s information age, a daunting challenge for enterprises of all sizes is determining the right approach to storing large volumes of data in a safe, cost-effective and easy-to-access manner. Deploying solutions on-premise can be complicated and put stress on budgets and infrastructure space, as the process would typically require extensive installations, configurations, updates and dedicated IT teams. Against this scenario, enterprises are pressured to transition toward the adoption of cloud computing to lower the total cost of ownership, increase time to value and achieve high performance and scalability.

It is evident that cloud computing enables enterprises to stay ahead in this digital world. However, despite many benefits, the flip side is that different types of risks can emerge if cloud computing is not implemented with the right approach. One of the main criticisms leveled against cloud computing (and SaaS) is the dependency on third parties for storing data. The other is the paucity in the availability of applications.

The four-point strategic plan detailed below can help businesses overcome these challenges.

1. Take a Risk-Based Approach to Cloud Computing

When it comes to cloud computing, the number one concern for companies is inadequate understanding of data. Prior to moving forward with any cloud computing adoption, enterprises need to understand the type of data moved to the cloud. A proper data risk assessment needs to be performed to analyze what and how important the data is. Part of this approach also means classifying what the potential risks are for enterprises if their data is stolen or lost, along with employing stronger controls to prevent any disasters from occurring. Other points to consider include:

  • How to provide notifications to entities about data collected by your business
  • Whether the PII or any other sensitive data is stored according to compliance requirements
  • Who has access to sensitive data, and what are their responsibilities include

2. Select the Right Cloud Service Provider (CSP)

While transitioning to the cloud, enterprises face the major obstacle of choosing the right CSP that suits their business requirements. The first step to follow is to partner with an industry standard cloud vendor who adheres to security and privacy standards set by industry bodies. Conducting detailed research on a CSP will further ensure that the provider of your choice offers the best-in-class security controls needed to protect your business and data.

Most organizations feel they are secure if they have followed mitigation strategies, yet fail to perform constant checks to ensure compliance. Continuous evaluation is required to ensure the approach does not become obsolete. Evaluation includes:

  1. Performing a due diligence check of your CSP periodically to ensure continuous compliance
  2. Conducting a data sanity check of data stored on cloud to ensure data quality and integrity
  3. Outlining the roles and responsibilities between your enterprise and the managed CSP in case of any crisis

3. Leverage the Role of Governance, Risk and Compliance (GRC) on the Cloud

There has been a surge of new laws and regulations introduced by different governments to implement security and privacy measures for enterprises storing information in the cloud, due to the rising threat of cyber theft and a growing realization of the amount of data that can be compromised.

Developing a robust, cloud-based GRC program will enable enterprises to automate compliance by continuous control monitoring, improve visibility into organization risk exposure and achieve competitive benefits for regulatory and government controls. With a GRC framework on cloud, enterprises can achieve:

  1. Enhanced information security, compliance and risk management
  2. The highest levels of reliability and operational control
  3. Continuous transparency and confidence
  4. Proactive and risk-driven intelligence
  5. Adherence to regulatory compliance mandates

4. Monitor the Cloud Regularly

Enterprises today operate in a dynamic technological environment that requires the implementation of a wide variety of cloud applications to perform business-critical operations efficiently. It is of paramount importance to monitor these applications hosted on the cloud in real-time and on a continuous basis. With the advent of new and improved technologies, enterprises need a centralized platform to provide a comprehensive view of the health, performance and stability of their IT applications hosted on the cloud. In an age where a few minutes of downtime can translate into a revenue loss of hundreds of thousands of dollars, employing a real-time monitoring strategy ensures interruption-free data flow for maximum productivity.

With data breaches on the rise, businesses need to control where and how data is stored, shared and accessed. A risk-based approach to the cloud – and the use of a robust GRC program alongside it – can be effective in combating the barrage of constantly changing regulations leveled at businesses today.


Tags: Cloud CompliancePersonally Identifiable Information (PII)Risk Assessment
Previous Post

Managing the Effects of Short-Termism on Risk Management

Next Post

Procurement and Compliance Getting Closer than Ever

Vibhav Agarwal

Vibhav Agarwal

Vibhav Agarwal is Director of Product Marketing at MetricStream, where he is responsible for MetricStream’s overall product marketing efforts across all GRC domains. Vibhav brings over 13 years of progressive experience in enterprise product marketing, product management and implementation to MetricStream. Having worked across multinational corporations and mid-sized companies and traveled extensively, Vibhav has gained exposure to North American, European and Middle Eastern markets and has led multimillion-dollar deal pursuits, product selection processes and product implementations.

Related Posts

credit score gauge

Sales at All Costs? Unified Credit Risk Management Can Squash Bad Deals Before They Happen

by Matthew Debbage
March 15, 2023

The collapse of a business doesn’t usually happen all at once. There are warning signs. Late payments, legal filings and...

risk tunnel

From Regulation to Volume, There Is No Light at the End of the Data Privacy Tunnel

by Jim DeLoach
March 15, 2023

Data proliferation and data privacy regulatory activity across the globe have created the need for focused boardroom discussions. An underpinning...

cloud computing security

Cloud Security Isn’t Just on Your Provider; It’s Your Job, Too

by Wolters Kluwer
March 1, 2023

Organizations want to embrace all the benefits the cloud has to offer while still protecting their sensitive data. Engaging a...

red flag warnings

Fostering Risk Transparency in the Organization

by Jim DeLoach
November 9, 2022

Serious risks to your company’s financial and reputational health probably aren’t going to walk up and introduce themselves. Protiviti’s Jim...

Next Post
four businessmen linking arms

Procurement and Compliance Getting Closer than Ever

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT