HomeComputingHow to handle cloud security and compliance

How to handle cloud security and compliance

|

[ad_1]

Could you give us a brief introduction about your company? What kind of products and services do you offer?

Focusing on sustainable partnerships, we create a data framework that helps humanity maximize its potential by innovating world-class, sophisticated data storage and management solutions. For more than 40 years, the world’s leading technology company has transported three billion terabytes of data.

Have a particularly interesting event at Seagate?

Page Title Watch Video

Last year, we launched Lyve Cloud, a simple, secure and efficient object storage cloud service for social media. It provides cost-effective object storage designed to eliminate cloud-to-cloud barriers.

With no gateway or API fees, you can seamlessly move your data between private, public and compute clouds and access it anytime, anywhere.

Lyve Cloud is designed to provide unparalleled multi-cloud freedom – no exit fees, no API fees, and no vendor lock-in; storage for multi-cloud freedom; simple, predictable, capacity-based pricing; and best-in-class security and accessibility.

What do you think the cloud-based threat vectors will be in the future? What advice do you have for companies on how to deal with this?

We continue to see credential thieves as the biggest threat to cloud environments. Adversaries use different tactics to gather legitimate evidence (for example, phishing attacks tailored to target victims).

To prevent lateral migration, companies are recommended to fully deploy and enable MFA (Multi-Factor Authentication) across the enterprise, not just for critical accounts. Second, disable old (weak) authentication protocols. Third, implement access control and enterprise-wide implementation of the principle of least privilege for users and cloud services.

How bad do you think the consequences of a data breach are now?

Data privacy controls are critical to protecting the variety and value of data in today’s digital transformation. Data breaches aren’t just about losing intellectual property or business competitiveness, they can quickly affect everything from human security to a country’s economy. For example, a data breach can prevent a doctor from performing a time-critical medical procedure, allow a fraudster to impersonate a victim, disrupt a city’s water and electricity supplies, or manipulate financial markets.

What are the main challenges in setting up cloud storage?

When it comes to setting up a cloud environment, cloud storage, inconsistencies, human error, and lack of adherence to security best practices are key challenges. A common misconfiguration that can be prevented is allowing anonymous access to cloud storage.

What advice would you give to companies trying to avoid falling foul of the law?

Select priority information security metrics, share weekly metrics against monitoring metrics requirements, and establish the right behaviors for your staff to follow on a daily basis. Information security threats and vulnerabilities are identified in a timely manner, contained, mitigated with appropriate controls, and then permanently eliminated.

Conduct independent internal audits to ensure that information security controls are working properly. Cross-functional improvement measures will be implemented as a result of these audits. An external external audit will then be conducted to ensure that the Information Security Controls are in compliance with national and international standards. Cross-functional improvement measures will be implemented as a result of these audits.

How to reduce the risk of a data breach with a comprehensive policy?

An organization’s risk appetite should be defined in a comprehensive security policy and then translated into security requirements, i.e. creating a secure environment based on industry standard security frameworks. To effectively mitigate risk, security policies must be enforceable, consistent, and adopted throughout the organization. The security policy should be reviewed and updated periodically.

What are Seagate’s plans for the coming year?

From providing best-in-class object storage as a service to providing a variety of features, tools, and compatible partner solutions, we continue to innovate to enable our customers to securely store and activate their massive data lakes.

At Cyber ​​Security and Cloud Congress On October 5, in Santa Clara, CA, Seagate Technology will participate in a discussion on “Tackling Vulnerabilities in Cloud Computing.”

Tags:

[ad_2]

Source link