The post-pandemic period has seen a surge in cloud adoption, with many companies now operating a hybrid mix-and-match approach to corporate data to fit in with new digital transformation approaches that encompass hybrid or remote workers.
Whereas a hybrid multi-cloud approach is best for flexibility and ROI, it can increase the threat surface of data, so it is key to adopt a unified, policy-based approach to data governance and compliance. Below are 5 key recommendations for multi-cloud data governance:
1. Enforce unified policies across all storage and data workflows. This should encompass policies such as:
- Secure sharing policies, to mitigate issues such as S3 bucket breaches.
- Joined-up compliance monitoring to mitigate PHI / PII data exposure, in addition to adhering to regimes such as HIPAA, GDPR and CCPA, and others that are industry-specific such as FINRA and FERPA.
2. Ensure there is strong access management and resource authorisation for all resources. Implement single sign-on for resource access and enable multi-factor authentication for additional security. Review all Access Control Lists and Roles to ensure they are all still valid.
3. Join up auditing for all data access events to ensure end-to-end traceability and to satisfy privacy compliance requests such as SARs (Subject Access Requests for personal data).
4. Consider options for where sensitive data is accessible. There could be a policy to host this locally rather than in the cloud, or there could be a policy to have external encryption applied to files/folders that are cloud-stored.
5. Ensure appropriate cybersecurity is in place for storage resources, such as malware scanners, anti-virus, heuristic log analysis, ransomware protections, etc.
Above all, ensure that there are processes in place for a regular review of the above, and consider having a yearly external data governance audit.
For those concerned about multi-cloud data governance, we recommend taking a look at our Enterprise File Fabric product, a non-invasive proprietary smart proxy which can federate single sign-on to disparate storage resources, provides unified policy-based data governance and compliance, implements real-time ransomware protection and recovery, provides transparent FIPS-certified file and object encryption, and scans on demand for PHI and PII data.
Sign up for an enterprise trial here or alternatively visit Google, Azure or the AWS marketplace and spin up an instance.