Cloud computing is a double-edged sword. For enterprises, adopting the cloud can lead to significant capex and opex savings and improved scalability, flexibility, and availability. But the cloud also creates significant security risks, top among them being the risk of data breaches, which can be disastrous. Maintaining security with cloud computing will take a deliberate reevaluation of existing security strategies. Here are three ways VARs can help.
1. Setting strong cloud data security policies
When it comes to preventing data breaches and maintaining security with cloud computing, policy is critical, and organizations aren't always equipped to set effective policies on their own. Work with your customers as a trusted security advisor to help them understand their regulatory compliance obligations, the relative value and vulnerability of their data assets, what data they must protect, and how they must do so. Only with this understanding can you and your customers develop and communicate cloud data security policies that will keep their information safe even in the cloud.
2. Applying encryption to sensitive data
When it comes to ensuring security with cloud computing, encryption technologies are often on the front line. If paired with a strong security policy that mandates encryption keys remain exclusive to the enterprise that owns the data, encryption of sensitive data will fulfill many compliance requirements and ensure that even if data is leaked or stolen, it is rendered unreadable to anyone without the proper access or permissions. Encryption services and gateways are growing ever more popular in the wake of recent data breaches and revelations of government spying. Know the landscape so that you can recommend the best options to your customers.
3. Backing up policy and encryption with DLP and activity monitoring
Data breaches aren't enterprises' only concerns. Data leaks caused by employees, whether maliciously or inadvertently (say, through the uploading of sensitive data to unapproved cloud services), pose a concern, too. For this reason, enterprises need to back up their policies and encryption strategies with Data Loss Prevention (DLP) and activity monitoring solutions that can detect attempts to access or transmit sensitive data and that can provide insight into employee activities. As a VAR, you can help your customers choose the right solutions to integrate with their encryption strategies and can help them set up the policy-based controls that DLP and activity monitoring solutions need to generate alerts and help security teams stay on top of threats and unusual behavior.
If all this sounds like a lot of work, that's because it is. The cloud, as beneficial as it is, isn't perfect. But it is an opportunity, both for the enterprises adopting it and the VARs that serve those enterprises. Have you explored the opportunity? Distributor and vendor partnerships can transform you from a mere reseller into a service provider. Check out some case studies, like Solutionary's and Connecting Point's, to get an idea of the possibilities. And speak with an Ingram Micro information security and business development specialist to find out more.
How do your customers maintain security with cloud computing? Tell us your experiences in the comments.