@CloudExpo Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @CloudExpo, Containers Expo Blog, Cloud Security

@CloudExpo: Blog Post

File Governance Policies and Features By @JimLiddle | @CloudExpo [#Cloud]

It seems that not a week goes by without another high profile data breach or revelation about lax security

Five File Governance Policies and Features Companies Must Have

It seems that not a week goes by without another high profile data breach or revelation about lax security, both on premise and on-Cloud.  Given this companies should, at a bare minimum, consider implementing the following 5 file governance policies in place in their company to aid with file security:

1. Secure Identity Management: Ensure that an Identity Management policy is in-place, is clear, and if one exists that it is validated and checked regularly.

Check whether services and applications can take advantage of existing Identity Management to enable a Single-Sign-On (SSO) rather than promoting Identity Management Sprawl.

2. Understand Access Control Perimeters: Over time User Access Control to files / folders / systems can change.

Ensure there is a policy in place to regularly check these and ensure guest user access is regularly monitored as part of this policy. Guest access in many companies can prove to be huge security hole.

3. BYOD / BYOC: The curse of data assets finding there way onto users consumer clouds should be controlled. Consider adding a section to an employment letter outlining the policy and actions taken if breached.

If consumer type services such as DropBox have ended up being used in house ensure that user access to folders is checked as it is all too easy for users to continue to get access to company data when they are, for example,contractors that have since left the company.

4. Links for file sharing: Promote the user of trackable links for file sharing. Services such as Storage Made Easy can be used to provide audible trackable links for files irrespective of where they are actually stored. If links are used they can be password protected or time expired for additional file security.

5. Understand data boundaries for what is stored Cloud: Understanding or promoting boundaries between the types of content that is sensitive and that should remain in-house and what can be used on Cloud is sensible but can prove hard to implement.

Consider encrypting all data that is stored on Cloud Services with the private key stored securely behind the company firewall.

A company's data is it's core asset. It pays to protect who has access to it, what type of access they have, what they do with it, and what they have done with it.

More Stories By Jim Liddle

Jim is CEO of Storage Made Easy. Jim is a regular blogger at SYS-CON.com since 2004, covering mobile, Grid, and Cloud Computing Topics.

CloudEXPO Stories
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER gives detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPOalso offers sponsorship and exhibit opportunities.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on organizations of all sizes and in every line of business. Fintech is a constant battleground for this technology expanding trend and the lessons learned here can be applied anywhere. Digital transformation isn't going to go away and the need for greater understanding and skills around managing, guiding, and understanding the greater landscape of change is required for effective transformations.
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve full cloud literacy in the enterprise world.
"We do one of the best file systems in the world. We learned how to deal with Big Data many years ago and we implemented this knowledge into our software," explained Jakub Ratajczak, Business Development Manager at MooseFS, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.