Welcome!

Linux Authors: Sharon Barkai, Elizabeth White, Liz McMillan, Pat Romanski, Kevin Benedict

Related Topics: Cloud Expo, Java, Linux, Security, Big Data Journal, SDN Journal

Cloud Expo: Article

Remember These Two Important Facets of Cloud Monitoring for the Enterprise

The first important aspect of cloud monitoring is called cloud discovery

As organizations continue expanding their adoption of the public cloud, many IT and security professionals are beginning to see that they need improved cloud-monitoring and cloud-auditing capabilities. By cloud monitoring, I'm referring to the process of identifying cloud use within an organization and then evaluating if there are data privacy and/or compliance risks that need to be mitigated. Cloud monitoring includes the idea of fully understanding what clouds are being used and how employees are accessing and updating information, from where and when. This becomes more complicated with the proliferation of BYOD policies as well as the growing trend of Shadow IT groups within corporations that assist business units in deploying clouds without "Official" IT knowing about it. But steps can still be taken to manage the operational and legal risks associated with sending sensitive data outside of the corporation's firewall while simultaneously enabling operating units to use the cloud as required to drive business results.

Cloud Discovery
The first important aspect of cloud monitoring is called cloud discovery - which is simply getting a better handle on what clouds are being accessed from within your organization on a daily basis. Many cloud programs are large, have significant budgets and broad governance and oversight (companywide deployments of HR applications like SuccessFactors as an example). But some use is individual and/or department based (such as Box or DropBox), and IT professionals need a way to identify this cloud use as a first step to ensuring it is being used in a compliant fashion.

Cloud Visibility and Analysis
Another important facet of cloud monitoring is cloud visibility (or cloud analysis), which primarily means giving organizations a clearer look into how the clouds accessed from within their enterprise are being used. Which individuals or teams are accessing what specific types of data and documents... this needs to be understood by members of IT, Risk and Security so the appropriate controls can be put in place to protect the enterprise. An additional benefit of Visibility and Analysis tools is in the area of SLA auditing. Organizations can use the information now at their disposal to measure how effective cloud providers are being in providing contracted levels of service.

Completing the Picture - Protecting Non-Compliant Cloud Use
The last step of a successful cloud monitoring program needs to focus on ensuring that enterprise cloud use remains compliant with corporate guidelines (which are informed by internal security policies and any applicable regulatory guidelines). Some cloud use may not require any additional security protocols, but others likely will. Enterprise Security and IT teams can take multiple approaches to securing their data on the cloud while permitting appropriate access by their corporate users. It means being able to anticipate issues and proactively address them while enabling uninterrupted use of the most popular cloud services. Solutions such as those highlighted in Gartner's Cloud Access Security Broker framework can be particularly helpful here, including Cloud Data Control Gateways (i.e., Cloud Encryption Gateways) that can be used to encrypt or tokenize sensitive data before it goes to the cloud for processing and storage.

To learn more about how PerspecSys is helping enterprises address cloud security challenges associated with moving to the public cloud, visit the "Cloud Security" section of our website.

Read the original blog entry...


PerspecSys Inc. is a leading provider of cloud protection and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like PerspecSys remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit perspecsys.com or follow on Twitter.

More Stories By Gerry Grealish

Gerry Grealish is Vice President, Marketing & Products, at PerspecSys. He is responsible for defining and executing PerspecSys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, he ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its cloud-based payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.