The steps required to secure data in the cloud vary. Factors, including the type and sensitivity of the data to be protected, cloud architecture, accessibility of built-in and third-party tools, and number and types of users authorized to access the data must be considered.
Some general best practices to secure business data in the cloud include the following:
- Encrypt data at rest, in use and in motion.
- Use two-factor authentication (2FA) or multifactor authentication (MFA) to verify user identity before granting access.
- Adopt cloud edge security protections, including firewalls, IPSes and antimalware.
- Isolate cloud data backups to prevent ransomware threats.
- Ensure data location visibility and control to identify where data resides and to implement restrictions on whether data can be copied to other locations inside or outside the cloud.
- Log and monitor all aspects of data access, additions and changes
Emerging cybersecurity tools should also be considered to help secure data in clouds. These include network detection and response (NDR) and artificial intelligence (AI) for IT operations (AIOps). Both tools collect cloud infrastructure health and cybersecurity information. AI then analyzes data and alerts administrators of abnormal behavior that could indicate a threat.