SlideShare a Scribd company logo

Staying Secure in the Cloud: Four Tips For Midsize Businesses

MidmarketIBM
MidmarketIBM
TechnologyBusiness
1 of 8
Download to read offline
Staying Secure in the Cloud Four tips for midsize businesses Brought to you by
Overview Cloud computing allows businesses to deliver new services with agility and speed, all while saving money. But it’s no secret that working in the cloud can be risky. Brought to you by
Key Recommendations Follow these four tips to help protect your cloud environment: 1. Determine what you want to put in the cloud 2. Spend wisely 3. Accept that security is about risk management 4. Make security relatable and understandable Brought to you by
TIP 1 Determine what you want to put in the cloud. • First, discover and inventory your assets and data. Classify it by importance to your business and risk: how much stewardship are you directly responsible for (e.g., organizations with Electronic Protected Health Information) and what is the risk? Only allow data into the cloud that you’re willing to risk putting into the hands of a third party, and which may be located anywhere in the world. • Negotiate smart contracts with the cloud vendor and provider. Determine what you think are acceptable and mitigating controls to compensate for any problems that occur. Brought to you by
TIP 2 Spend wisely on security. • If you don’t have a robust security department, cloud providers may be able to give you much better security than you can provide yourself. However, they have no context about your data: what is business critical intellectual property vs. your aunt’s cookie recipes. $ Brought to you by $ $ $$ $
TIP 3 Security isn’t an all-or-nothing proposition. Accept that security is about risk management. • Small businesses are often better at understanding security because the management team is closer to IT operations. Brought to you by
4 TIP Make the concept of security relatable and understandable. • In some instances, security can get lost in translation between management and IT. Find someone who can speak both languages so he/she can articulate in business language what IT security means. • Increasingly the Chief Information Security Officer is being pulled from executive management ranks rather than from a technical role (or the security team). Understand that the CISO’s job is changing into a role of an interpreter, one that can translate what IT is saying into operational language. Brought to you by
A more informed approach. The cloud doesn’t have to be a scary place. There are many cloud solutions that are well managed and secure. You just need to ask the right questions and pay close attention to the security expertise of your cloud provider. Learn more Brought to you by Download the IBM white paper, “Integrated IT Security for Midsized Businesses”.

Recommended

Comparison of Cloud Computing Services | Torry Harris Whitepaper
Comparison of Cloud Computing Services | Torry Harris WhitepaperComparison of Cloud Computing Services | Torry Harris Whitepaper
Comparison of Cloud Computing Services | Torry Harris WhitepaperTorry Harris Business Solutions
 
Choosing the Right Clouds for your Business
Choosing the Right Clouds for your BusinessChoosing the Right Clouds for your Business
Choosing the Right Clouds for your BusinessMike Kavis
 
Distinguishing, Evaluating, and Selecting Cloud Service Providers
Distinguishing, Evaluating, and Selecting Cloud Service ProvidersDistinguishing, Evaluating, and Selecting Cloud Service Providers
Distinguishing, Evaluating, and Selecting Cloud Service ProvidersGartnerJessica
 
Staying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierStaying Secure When Moving to the Cloud - Dave Millier
Staying Secure When Moving to the Cloud - Dave MillierTriNimbus
 
5 Points to Consider - Enterprise Road Map to AWS Cloud
5 Points to Consider - Enterprise Road Map to AWS Cloud5 Points to Consider - Enterprise Road Map to AWS Cloud
5 Points to Consider - Enterprise Road Map to AWS CloudBlazeclan Technologies Private Limited
 
AWS vs Azure - A high level comparison between the giants in cloud computing
AWS vs Azure - A high level comparison between the giants in cloud computingAWS vs Azure - A high level comparison between the giants in cloud computing
AWS vs Azure - A high level comparison between the giants in cloud computingEuro IT Group
 
The New Economics of Cloud Security
The New Economics of Cloud SecurityThe New Economics of Cloud Security
The New Economics of Cloud SecurityAlert Logic
 
Defining Your Cloud Strategy
Defining Your Cloud StrategyDefining Your Cloud Strategy
Defining Your Cloud StrategyAmazon Web Services
 

More Related Content

Viewers also liked

Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)
AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)
AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)Amazon Web Services
 
SUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATIONSUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATIONZamri Yahya
 

Viewers also liked (6)

K.I.S.S In The Cloud with AWS
K.I.S.S In The Cloud with AWSK.I.S.S In The Cloud with AWS
K.I.S.S In The Cloud with AWS
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices
 
AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)
AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)
AWS re:Invent 2016: Identifying Your Migration Options: the 6 Rs (ENT311)
 
Vendor Management
Vendor ManagementVendor Management
Vendor Management
 
SUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATIONSUPPLIER SELECTION AND EVALUATION
SUPPLIER SELECTION AND EVALUATION
 
The Benefits of Cloud Computing
The Benefits of Cloud ComputingThe Benefits of Cloud Computing
The Benefits of Cloud Computing
 

Recently uploaded

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 

Recently uploaded (20)

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 

Staying Secure in the Cloud: Four Tips For Midsize Businesses

  • 1. Staying Secure in the Cloud Four tips for midsize businesses Brought to you by
  • 2. Overview Cloud computing allows businesses to deliver new services with agility and speed, all while saving money. But it’s no secret that working in the cloud can be risky. Brought to you by
  • 3. Key Recommendations Follow these four tips to help protect your cloud environment: 1. Determine what you want to put in the cloud 2. Spend wisely 3. Accept that security is about risk management 4. Make security relatable and understandable Brought to you by
  • 4. TIP 1 Determine what you want to put in the cloud. • First, discover and inventory your assets and data. Classify it by importance to your business and risk: how much stewardship are you directly responsible for (e.g., organizations with Electronic Protected Health Information) and what is the risk? Only allow data into the cloud that you’re willing to risk putting into the hands of a third party, and which may be located anywhere in the world. • Negotiate smart contracts with the cloud vendor and provider. Determine what you think are acceptable and mitigating controls to compensate for any problems that occur. Brought to you by
  • 5. TIP 2 Spend wisely on security. • If you don’t have a robust security department, cloud providers may be able to give you much better security than you can provide yourself. However, they have no context about your data: what is business critical intellectual property vs. your aunt’s cookie recipes. $ Brought to you by $ $ $$ $
  • 6. TIP 3 Security isn’t an all-or-nothing proposition. Accept that security is about risk management. • Small businesses are often better at understanding security because the management team is closer to IT operations. Brought to you by
  • 7. 4 TIP Make the concept of security relatable and understandable. • In some instances, security can get lost in translation between management and IT. Find someone who can speak both languages so he/she can articulate in business language what IT security means. • Increasingly the Chief Information Security Officer is being pulled from executive management ranks rather than from a technical role (or the security team). Understand that the CISO’s job is changing into a role of an interpreter, one that can translate what IT is saying into operational language. Brought to you by
  • 8. A more informed approach. The cloud doesn’t have to be a scary place. There are many cloud solutions that are well managed and secure. You just need to ask the right questions and pay close attention to the security expertise of your cloud provider. Learn more Brought to you by Download the IBM white paper, “Integrated IT Security for Midsized Businesses”.