The document discusses trends in enterprises adopting cloud applications and the risks this poses. It outlines 9 steps for enterprises to manage cloud application usage and security, including discovering all cloud apps in use, assessing their risks, enabling secure apps, enforcing data loss prevention policies, monitoring user activity, understanding compliance needs, encrypting sensitive data, and preserving business functionality while applying security. The goal is for enterprises to understand cloud usage, gain visibility over data, and protect information across locations.
5. STEP 1: Discover all cloud applications in use
Without visibility into all of your organization’s cloud usage, you may be risking security, allowing
leaks of sensitive data, and reducing efficiency.
6. STEP 2: Assess the risk of your applications
Find applications that can be conduits for malware attacks, data theft, and security breaches.
7. STEP 3: Enable the right applications
Standardize whenever possible, discourage the use of free services, block risky applications and
monitor alerts for new risky applications.
8. STEP 4: Understand how your users work
Work with your users to understand what applications are critical and what functionality is
important to them.
9. STEP 5: Enforce data loss prevention policies
By extending your DLP controls to cloud applications, you can have assurance that cloud
applications are being used wisely and not becoming avenues for data loss or harmful breaches.
10. STEP 6: Monitor user activity and detect anomalies
Consistent user activity monitoring provides a baseline of known behavior. Noticeable changes
in typical behavior can be important indicators of suspicious activity or serious breaches.
11. STEP 7: Understand compliance requirements
To protect sensitive data effectively, your organization needs to understand the specific
compliance requirements for any data it is handling and potentially putting in the cloud.
12. STEP 8: Encrypt or tokenize sensitive data fields
Encrypt or tokenize your sensitive data in the cloud and keep the keys yourself to ensure security,
compliance, data residency and sovereignty.
13. STEP 9: Preserve business functionality
Apply effective security tools that do not break key business functionality; otherwise they defeat
the purpose of using the cloud.
Does encryption/tokenization of your cloud data:
• Preserve format & length?
• Support searching and sorting of data?
• Enable advanced reports & list filters?
• Impact user experience?
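The questions in Steps 8 and 9 can be checked against a small tokenizer. The sketch below is an added example, not taken from the original slides or any vendor product; the class `FieldTokenizer`, the `search` helper, the key and the sample records are all hypothetical and constructed for illustration. It keeps the key and the token vault on the enterprise side, preserves each field's format and length, and supports exact-match search on tokens.

```python
import hashlib
import hmac
import string

CLASSES = (string.digits, string.ascii_uppercase, string.ascii_lowercase)

class FieldTokenizer:
    """Deterministic, format-preserving tokenizer (hypothetical helper).
    The key and the vault stay with the enterprise; the cloud app sees tokens only."""

    def __init__(self, key: bytes):
        self._key = key
        self._by_value = {}   # original -> token
        self._vault = {}      # token -> original, needed to detokenize

    def _candidate(self, value: str, attempt: int) -> str:
        stream, block = b"", 0
        while len(stream) < len(value):   # HMAC-SHA256 keystream, one byte per character
            msg = f"{attempt}:{block}:{value}".encode()
            stream += hmac.new(self._key, msg, hashlib.sha256).digest()
            block += 1
        out = []
        for ch, byte in zip(value, stream):
            alphabet = next((a for a in CLASSES if ch in a), None)
            # Same character class in, same class out; separators pass through.
            out.append(alphabet[byte % len(alphabet)] if alphabet else ch)
        return "".join(out)

    def tokenize(self, value: str) -> str:
        if value not in self._by_value:
            attempt = 0
            token = self._candidate(value, attempt)
            while self._vault.get(token, value) != value:   # token taken: derive another
                attempt += 1
                token = self._candidate(value, attempt)
            self._by_value[value] = token
            self._vault[token] = value
        return self._by_value[value]

    def detokenize(self, token: str) -> str:
        return self._vault[token]

def search(cloud_rows, tokenizer, field, term):
    """Exact-match search: tokenize the term, then compare against stored tokens."""
    wanted = tokenizer.tokenize(term)
    return [row for row in cloud_rows if row[field] == wanted]

# Constructed sample records; the key is a placeholder for a locally held secret.
tok = FieldTokenizer(b"constructed-demo-key")
plain = [{"id": 1, "ssn": "123-45-6789"}, {"id": 2, "ssn": "987-65-4321"}]
cloud = [{"id": r["id"], "ssn": tok.tokenize(r["ssn"])} for r in plain]
```

Because the same value always maps to the same token, exact-match search and list filters keep working, but anyone who can read the cloud copy can also see which records share a value. Sort order and range queries are not preserved by this scheme, which is the trade-off the checklist above asks about.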