PRESENTED BY:
HEALTHCARE IT NEWS & HIMSS MEDIA
news

Cloud security requires constant monitoring for new vulnerabilities

The only realistic way to keep your organization secure in the cloud is to take a layered approach that safeguards you in case one or more high risk scenarios unfold.

Jeff Rowe | Mar 09, 2018 12:00 am

Cloud providers have come a long way, in recent years, when it comes to data security, but the fact is that digital data will probably always be vulnerable one way or another.  

As tech consultant Larry Alton recently put it in a column at InformationWeek, “hackers have ways of compromising cloud data and running otherwise healthy businesses into the ground.”  In his view, then, it’s critical for any IT department to have a cloud security strategy.  “Coming up with a robust security strategy,” he argues, “will help you avoid common security failures and enjoy the freedoms and advantages that come with operating in the cloud.”

Among the key elements Alton says should be included in a cloud security strategy are the use of a layered approach to security, and the prioritization of data privacy. But one of the primary goals he mentions is to involve all key stakeholders in the strategy-making process.

“Securing your business in the cloud is a lot like building the hull of a boat,” he says. “A single hole – no matter the size – can sink what is otherwise a perfectly built ship. In terms of cloud security, a failure to account for all stakeholders and how they’re involved with your organization will lead to a compromised strategy.”

Part of the value Alton describes in including stakeholders is that it helps managers take into account all potential vulnerabilities.

Beyond on those foundational efforts, Alton notes the importance of investing in regular training. 

“The cloud is continually changing,” he observes, “which means our stance on cloud security should be evolving as well. You can’t just implement a cloud security strategy and then let it run its course. In order to stay secure, your employees need to go through regular training.”

Finally, and not surprisingly, he advises IT managers not to skimp on security.It’s not enough to transition your business to the cloud. If you’re going to invest in the cloud, you also need to invest in cloud security to protect your data and promote privacy.”