5 Steps to Securing Your Cloud Content and Staying Out of Jail


Published on

This presentation was given at the AIIM 2013 conference in New Orleans.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

5 Steps to Securing Your Cloud Content and Staying Out of Jail

  1. 1. #AIIM13#AIIM12#AIIM135 Steps to Securing Your CloudContent and Staying Out of JailBud Porter-RothConsultantPorter-Roth Associates@BudPR
  2. 2. #AIIM13Bud Porter-RothPorter-Roth AssociatesInformation Management415-381-6217budpr@erms.com@BudPR
  3. 3. #AIIM13Step 1 –Where Is Your Content?
  4. 4. #AIIM13A Quick Story “Mr. X” Creates a file in a file share that is synced to Dropbox Sync moves file to Dropbox – 3 people review file Author emails file to someone not in Dropbox Dropbox people change file and save it back Sync moves changed file back to file share Email person changes file and sends it back via email Original author shares file on Yammer to an interested personwho saves, changes, and shares back Yammer person, at lunch, opens file on iPad and then shareswith another person How many copies are out “in the wild?”
  5. 5. #AIIM13Where is Your Content?Does Dropbox keep backups of my files?Even if your computer has a meltdown, your stuff is always safe in Dropbox and can berestored in a snap.In fact, if youre using the Dropbox desktop application, your files are backed up severaltimes. The primary copy on your computers hard drive is synced online and that copyis then backed up again for safety. If you are using Dropbox to sync files betweenmultiple computers, your files are backed up on those computers as well. If that isntenough, Dropbox also keeps backups of all of your deleted and changed files too.All files synced by Dropbox are encrypted and stored securely on Amazons SimpleStorage Service (S3) over several data centers.If you have the Packrat add-on, Dropbox saves those files for as long as you have thePackrat add-on. With Packrat, you never have to worry about losing an old version of afile.
  6. 6. #AIIM13Where is Your Content?Q: Where is my data stored? Amazon S3 offers storage in the US Standard, US West(Oregon), US West (Northern California), EU (Ireland), Asia Pacific (Singapore), AsiaPacific (Tokyo), Asia Pacific (Sydney), South America (Sao Paulo), and AWS GovCloud(US) Regions. You specify a Region when you create your Amazon S3 bucket. Withinthat Region, your objects are redundantly stored on multiple devices across multiplefacilities.Amazon S3 and Amazon Glacier automatically replicate data across multiple datacenters in order to provide higher durability and designed to provide99.999999999% durability. Thats data durability the easy way. With Amazon Glacier,customers can reliably store large or small amounts of data for as little as $0.01 pergigabyte per month.
  7. 7. #AIIM13 Kevin uses the corporate Team Dropbox acct Sally has her own Dropbox acct Bill, the PM, uses the corporate Basecamp &Workday acct Rodger, a consultant – personal SugarSync acctand uses an IPad exclusively Accounting uses NetSuiteStep 2 – Who Owns Your Stuff?
  8. 8. #AIIM13Who Owns Your Stuff? You own your stuff except when…. You break the contract rules Your data is not in the US, or where you work Your data is subject to a legal proceeding Your CSP is not compliant HIPAA SOX GLBA
  9. 9. #AIIM13Step 3 – Is My Content Indexed?Can I search for it? Diverse “storage areas” will not have sameindexing capabilities Diverse “storage areas” will not have samesearch capabilities Many CSPs have no concept of managedmetadata or search structures that we haveused for 20 years in legacy systems Many systems depend on folder/file structuresor simple search of title or content
  10. 10. #AIIM13Step 3 – Is My Content Indexed?Can I search for it?IndexBYODCloud FileShareCorporateFile ShareCorporateDatabaseTaxonomy
  11. 11. #AIIM13Step 4 – eDiscovery eDiscovery means legal holds on content eDiscovery targets….. All devices synced to Dropbox (BYOD) Corporate file shares and other repositories All cloud applications (CSPs) Dropbox Workday NetSuite Basecamp + any application used for personal/business? Have you listed sites with Legal for eDiscovery? How do you place a hold on Dropbox and Workday? Are you sure you own the data?
  12. 12. #AIIM13Step 4 – eDiscoveryNo results found. Please revise your search and try again.No results found. Please revise your search and try again.eDiscoveryelectronic discoverySearch helpSearch help
  13. 13. #AIIM13Step 5 – Information GovernanceRecordsManagementInformationGovernancePrivacy(PII)ComplianceAuditSecurityLegal HoldseDiscoveryArchivingUnstructuredDataStructuredDataBusinessLegalIMIT
  14. 14. #AIIM13Questions?